Software APIs
dif_otp_ctrl.c
1// Copyright lowRISC contributors (OpenTitan project).
2// Licensed under the Apache License, Version 2.0, see LICENSE for details.
3// SPDX-License-Identifier: Apache-2.0
4#include "sw/device/lib/dif/dif_otp_ctrl.h"
5
6#include <stddef.h>
7
8#include "sw/device/lib/base/bitfield.h"
9#include "sw/device/lib/base/macros.h"
10#include "sw/device/lib/dif/dif_base.h"
11
12#include "hw/top/otp_ctrl_regs.h" // Generated.
13
14/**
15 * Checks if integrity/consistency-check-related operations are locked.
16 *
17 * This is a convenience function to avoid superfluous error-checking in all the
18 * functions that can be locked out by this register.
19 *
20 * @param check_config True to check the config regwen. False to check the
21 * trigger regwen.
22 */
23static bool checks_are_locked(const dif_otp_ctrl_t *otp, bool check_config) {
24 ptrdiff_t reg_offset = check_config
25 ? OTP_CTRL_CHECK_REGWEN_REG_OFFSET
26 : OTP_CTRL_CHECK_TRIGGER_REGWEN_REG_OFFSET;
27 size_t regwen_bit =
28 check_config ? OTP_CTRL_CHECK_REGWEN_CHECK_REGWEN_BIT
29 : OTP_CTRL_CHECK_TRIGGER_REGWEN_CHECK_TRIGGER_REGWEN_BIT;
30 uint32_t locked = mmio_region_read32(otp->base_addr, reg_offset);
31 return !bitfield_bit32_read(locked, regwen_bit);
32}
33
34static dif_result_t get_error_code(const dif_otp_ctrl_t *otp,
35 uint32_t partition_number,
36 dif_otp_ctrl_error_t *err) {
37 bitfield_field32_t field;
38 field = (bitfield_field32_t){
39 .mask = OTP_CTRL_ERR_CODE_0_ERR_CODE_0_MASK,
40 .index = OTP_CTRL_ERR_CODE_0_ERR_CODE_0_OFFSET,
41 };
42
43 ptrdiff_t err_code_address =
44 OTP_CTRL_ERR_CODE_0_REG_OFFSET +
45 (ptrdiff_t)partition_number * (ptrdiff_t)sizeof(uint32_t);
46 uint32_t error_code = mmio_region_read32(otp->base_addr, err_code_address);
47
48 switch (bitfield_field32_read(error_code, field)) {
49 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_NO_ERROR:
50 *err = kDifOtpCtrlErrorOk;
51 break;
52 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_MACRO_ERROR:
53 *err = kDifOtpCtrlErrorMacroUnspecified;
54 break;
55 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_MACRO_ECC_CORR_ERROR:
56 *err = kDifOtpCtrlErrorMacroRecoverableRead;
57 break;
58 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_MACRO_ECC_UNCORR_ERROR:
59 *err = kDifOtpCtrlErrorMacroUnrecoverableRead;
60 break;
61 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_MACRO_WRITE_BLANK_ERROR:
62 *err = kDifOtpCtrlErrorMacroBlankCheckFailed;
63 break;
64 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_ACCESS_ERROR:
65 *err = kDifOtpCtrlErrorLockedAccess;
66 break;
67 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_CHECK_FAIL_ERROR:
68 *err = kDifOtpCtrlErrorBackgroundCheckFailed;
69 break;
70 case OTP_CTRL_ERR_CODE_0_ERR_CODE_0_VALUE_FSM_STATE_ERROR:
71 *err = kDifOtpCtrlErrorFsmBadState;
72 break;
73 default:
74 return kDifError;
75 }
76 return kDifOk;
77}
78
79dif_result_t dif_otp_ctrl_configure(const dif_otp_ctrl_t *otp,
80 dif_otp_ctrl_config_t config) {
81 if (otp == NULL) {
82 return kDifBadArg;
83 }
84 if (checks_are_locked(otp, /*check_config=*/true)) {
85 return kDifLocked;
86 }
87
88 mmio_region_write32(otp->base_addr, OTP_CTRL_CHECK_TIMEOUT_REG_OFFSET,
89 config.check_timeout);
90 mmio_region_write32(otp->base_addr,
91 OTP_CTRL_INTEGRITY_CHECK_PERIOD_REG_OFFSET,
92 config.integrity_period_mask);
93 mmio_region_write32(otp->base_addr,
94 OTP_CTRL_CONSISTENCY_CHECK_PERIOD_REG_OFFSET,
95 config.consistency_period_mask);
96
97 return kDifOk;
98}
99
100dif_result_t dif_otp_ctrl_check_integrity(const dif_otp_ctrl_t *otp) {
101 if (otp == NULL) {
102 return kDifBadArg;
103 }
104 if (checks_are_locked(otp, /*check_config=*/false)) {
105 return kDifLocked;
106 }
107
108 uint32_t reg =
109 bitfield_bit32_write(0, OTP_CTRL_CHECK_TRIGGER_INTEGRITY_BIT, true);
110 mmio_region_write32(otp->base_addr, OTP_CTRL_CHECK_TRIGGER_REG_OFFSET, reg);
111
112 return kDifOk;
113}
114
115dif_result_t dif_otp_ctrl_check_consistency(const dif_otp_ctrl_t *otp) {
116 if (otp == NULL) {
117 return kDifBadArg;
118 }
119 if (checks_are_locked(otp, /*check_config=*/false)) {
120 return kDifLocked;
121 }
122
123 uint32_t reg =
124 bitfield_bit32_write(0, OTP_CTRL_CHECK_TRIGGER_CONSISTENCY_BIT, true);
125 mmio_region_write32(otp->base_addr, OTP_CTRL_CHECK_TRIGGER_REG_OFFSET, reg);
126
127 return kDifOk;
128}
129
130dif_result_t dif_otp_ctrl_dai_lock(const dif_otp_ctrl_t *otp) {
131 if (otp == NULL) {
132 return kDifBadArg;
133 }
134
135 uint32_t reg = bitfield_bit32_write(
136 0, OTP_CTRL_DIRECT_ACCESS_REGWEN_DIRECT_ACCESS_REGWEN_BIT, false);
137 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_REGWEN_REG_OFFSET,
138 reg);
139
140 return kDifOk;
141}
142
143dif_result_t dif_otp_ctrl_dai_is_locked(const dif_otp_ctrl_t *otp,
144 bool *is_locked) {
145 if (otp == NULL || is_locked == NULL) {
146 return kDifBadArg;
147 }
148
149 uint32_t reg = mmio_region_read32(otp->base_addr,
150 OTP_CTRL_DIRECT_ACCESS_REGWEN_REG_OFFSET);
151 *is_locked = !bitfield_bit32_read(
152 reg, OTP_CTRL_DIRECT_ACCESS_REGWEN_DIRECT_ACCESS_REGWEN_BIT);
153
154 return kDifOk;
155}
156
157dif_result_t dif_otp_ctrl_lock_config(const dif_otp_ctrl_t *otp) {
158 if (otp == NULL) {
159 return kDifBadArg;
160 }
161
162 uint32_t reg =
163 bitfield_bit32_write(0, OTP_CTRL_CHECK_REGWEN_CHECK_REGWEN_BIT, false);
164 mmio_region_write32(otp->base_addr, OTP_CTRL_CHECK_REGWEN_REG_OFFSET, reg);
165
166 return kDifOk;
167}
168
169dif_result_t dif_otp_ctrl_config_is_locked(const dif_otp_ctrl_t *otp,
170 bool *is_locked) {
171 if (otp == NULL || is_locked == NULL) {
172 return kDifBadArg;
173 }
174
175 *is_locked = checks_are_locked(otp, /*check_config=*/true);
176 return kDifOk;
177}
178
179dif_result_t dif_otp_ctrl_lock_check_trigger(const dif_otp_ctrl_t *otp) {
180 if (otp == NULL) {
181 return kDifBadArg;
182 }
183
184 uint32_t reg = bitfield_bit32_write(
185 0, OTP_CTRL_CHECK_TRIGGER_REGWEN_CHECK_TRIGGER_REGWEN_BIT, false);
186 mmio_region_write32(otp->base_addr, OTP_CTRL_CHECK_TRIGGER_REGWEN_REG_OFFSET,
187 reg);
188
189 return kDifOk;
190}
191
192dif_result_t dif_otp_ctrl_check_trigger_is_locked(const dif_otp_ctrl_t *otp,
193 bool *is_locked) {
194 if (otp == NULL || is_locked == NULL) {
195 return kDifBadArg;
196 }
197
198 *is_locked = checks_are_locked(otp, /*check_config=*/false);
199 return kDifOk;
200}
201
202static bool sw_read_lock_reg_offset(dif_otp_ctrl_partition_t partition,
203 ptrdiff_t *reg_offset,
204 bitfield_bit32_index_t *index) {
205 switch (partition) {
206 case kDifOtpCtrlPartitionVendorTest:
207 *reg_offset = OTP_CTRL_VENDOR_TEST_READ_LOCK_REG_OFFSET;
208 *index = OTP_CTRL_VENDOR_TEST_READ_LOCK_VENDOR_TEST_READ_LOCK_BIT;
209 break;
210 case kDifOtpCtrlPartitionCreatorSwCfg:
211 *reg_offset = OTP_CTRL_CREATOR_SW_CFG_READ_LOCK_REG_OFFSET;
212 *index = OTP_CTRL_CREATOR_SW_CFG_READ_LOCK_CREATOR_SW_CFG_READ_LOCK_BIT;
213 break;
214 case kDifOtpCtrlPartitionOwnerSwCfg:
215 *reg_offset = OTP_CTRL_OWNER_SW_CFG_READ_LOCK_REG_OFFSET;
216 *index = OTP_CTRL_OWNER_SW_CFG_READ_LOCK_OWNER_SW_CFG_READ_LOCK_BIT;
217 break;
218#if defined(OPENTITAN_IS_EARLGREY)
219 case kDifOtpCtrlPartitionRotCreatorAuthCodesign:
220 *reg_offset = OTP_CTRL_ROT_CREATOR_AUTH_CODESIGN_READ_LOCK_REG_OFFSET;
221 *index =
222 OTP_CTRL_ROT_CREATOR_AUTH_CODESIGN_READ_LOCK_ROT_CREATOR_AUTH_CODESIGN_READ_LOCK_BIT;
223 break;
224 case kDifOtpCtrlPartitionRotCreatorAuthState:
225 *reg_offset = OTP_CTRL_ROT_CREATOR_AUTH_STATE_READ_LOCK_REG_OFFSET;
226 *index =
227 OTP_CTRL_ROT_CREATOR_AUTH_STATE_READ_LOCK_ROT_CREATOR_AUTH_STATE_READ_LOCK_BIT;
228 break;
229#elif defined(OPENTITAN_IS_DARJEELING)
230 case kDifOtpCtrlPartitionOwnershipSlotState:
231 *reg_offset = OTP_CTRL_OWNERSHIP_SLOT_STATE_READ_LOCK_REG_OFFSET;
232 *index =
233 OTP_CTRL_OWNERSHIP_SLOT_STATE_READ_LOCK_OWNERSHIP_SLOT_STATE_READ_LOCK_BIT;
234 break;
235 case kDifOtpCtrlPartitionRotCreatorAuth:
236 *reg_offset = OTP_CTRL_ROT_CREATOR_AUTH_READ_LOCK_REG_OFFSET;
237 *index =
238 OTP_CTRL_ROT_CREATOR_AUTH_READ_LOCK_ROT_CREATOR_AUTH_READ_LOCK_BIT;
239 break;
240 case kDifOtpCtrlPartitionRotOwnerAuthSlot0:
241 *reg_offset = OTP_CTRL_ROT_OWNER_AUTH_SLOT0_READ_LOCK_REG_OFFSET;
242 *index =
243 OTP_CTRL_ROT_OWNER_AUTH_SLOT0_READ_LOCK_ROT_OWNER_AUTH_SLOT0_READ_LOCK_BIT;
244 break;
245 case kDifOtpCtrlPartitionRotOwnerAuthSlot1:
246 *reg_offset = OTP_CTRL_ROT_OWNER_AUTH_SLOT1_READ_LOCK_REG_OFFSET;
247 *index =
248 OTP_CTRL_ROT_OWNER_AUTH_SLOT1_READ_LOCK_ROT_OWNER_AUTH_SLOT1_READ_LOCK_BIT;
249 break;
250 case kDifOtpCtrlPartitionPlatIntegAuthSlot0:
251 *reg_offset = OTP_CTRL_PLAT_INTEG_AUTH_SLOT0_READ_LOCK_REG_OFFSET;
252 *index =
253 OTP_CTRL_PLAT_INTEG_AUTH_SLOT0_READ_LOCK_PLAT_INTEG_AUTH_SLOT0_READ_LOCK_BIT;
254 break;
255 case kDifOtpCtrlPartitionPlatIntegAuthSlot1:
256 *reg_offset = OTP_CTRL_PLAT_INTEG_AUTH_SLOT1_READ_LOCK_REG_OFFSET;
257 *index =
258 OTP_CTRL_PLAT_INTEG_AUTH_SLOT1_READ_LOCK_PLAT_INTEG_AUTH_SLOT1_READ_LOCK_BIT;
259 break;
260 case kDifOtpCtrlPartitionPlatOwnerAuthSlot0:
261 *reg_offset = OTP_CTRL_PLAT_OWNER_AUTH_SLOT0_READ_LOCK_REG_OFFSET;
262 *index =
263 OTP_CTRL_PLAT_OWNER_AUTH_SLOT0_READ_LOCK_PLAT_OWNER_AUTH_SLOT0_READ_LOCK_BIT;
264 break;
265 case kDifOtpCtrlPartitionPlatOwnerAuthSlot1:
266 *reg_offset = OTP_CTRL_PLAT_OWNER_AUTH_SLOT1_READ_LOCK_REG_OFFSET;
267 *index =
268 OTP_CTRL_PLAT_OWNER_AUTH_SLOT1_READ_LOCK_PLAT_OWNER_AUTH_SLOT1_READ_LOCK_BIT;
269 break;
270 case kDifOtpCtrlPartitionPlatOwnerAuthSlot2:
271 *reg_offset = OTP_CTRL_PLAT_OWNER_AUTH_SLOT2_READ_LOCK_REG_OFFSET;
272 *index =
273 OTP_CTRL_PLAT_OWNER_AUTH_SLOT2_READ_LOCK_PLAT_OWNER_AUTH_SLOT2_READ_LOCK_BIT;
274 break;
275 case kDifOtpCtrlPartitionPlatOwnerAuthSlot3:
276 *reg_offset = OTP_CTRL_PLAT_OWNER_AUTH_SLOT3_READ_LOCK_REG_OFFSET;
277 *index =
278 OTP_CTRL_PLAT_OWNER_AUTH_SLOT3_READ_LOCK_PLAT_OWNER_AUTH_SLOT3_READ_LOCK_BIT;
279 break;
280 case kDifOtpCtrlPartitionExtNvm:
281 *reg_offset = OTP_CTRL_EXT_NVM_READ_LOCK_REG_OFFSET;
282 *index = OTP_CTRL_EXT_NVM_READ_LOCK_EXT_NVM_READ_LOCK_BIT;
283 break;
284 case kDifOtpCtrlPartitionRomPatch:
285 *reg_offset = OTP_CTRL_ROM_PATCH_READ_LOCK_REG_OFFSET;
286 *index = OTP_CTRL_ROM_PATCH_READ_LOCK_ROM_PATCH_READ_LOCK_BIT;
287 break;
288#else
289#error "dif_otp_ctrl does not support this top"
290#endif
291 default:
292 return false;
293 }
294 return true;
295}
296
297dif_result_t dif_otp_ctrl_lock_reading(const dif_otp_ctrl_t *otp,
298 dif_otp_ctrl_partition_t partition) {
299 if (otp == NULL) {
300 return kDifBadArg;
301 }
302
303 ptrdiff_t offset;
304 bitfield_bit32_index_t index;
305 if (!sw_read_lock_reg_offset(partition, &offset, &index)) {
306 return kDifBadArg;
307 }
308
309 uint32_t reg = bitfield_bit32_write(0, index, false);
310 mmio_region_write32(otp->base_addr, offset, reg);
311
312 return kDifOk;
313}
314
315dif_result_t dif_otp_ctrl_reading_is_locked(const dif_otp_ctrl_t *otp,
316 dif_otp_ctrl_partition_t partition,
317 bool *is_locked) {
318 if (otp == NULL || is_locked == NULL) {
319 return kDifBadArg;
320 }
321
322 ptrdiff_t offset;
323 bitfield_bit32_index_t index;
324 if (!sw_read_lock_reg_offset(partition, &offset, &index)) {
325 return kDifBadArg;
326 }
327
328 uint32_t reg = mmio_region_read32(otp->base_addr, offset);
329 *is_locked = !bitfield_bit32_read(reg, index);
330 return kDifOk;
331}
332
333dif_result_t dif_otp_ctrl_get_status(const dif_otp_ctrl_t *otp,
334 dif_otp_ctrl_status_t *status) {
335 if (otp == NULL || status == NULL) {
336 return kDifBadArg;
337 }
338
339 status->codes = 0;
340
341 // Read main STATUS register
342 uint32_t status_code_reg =
343 mmio_region_read32(otp->base_addr, OTP_CTRL_STATUS_REG_OFFSET);
344
345 // Only read PARTITION_STATUS_0 register if PARTITION_ERROR bit is set
346 if (bitfield_bit32_read(status_code_reg,
347 OTP_CTRL_STATUS_PARTITION_ERROR_BIT)) {
348 uint32_t num_part_status_regs = (kDifOtpCtrlNumberOfPartitions + 31) / 32;
349 for (int status_reg_num = 0; status_reg_num < num_part_status_regs;
350 ++status_reg_num) {
351 uint32_t partition_status_reg = mmio_region_read32(
352 otp->base_addr,
353 (ptrdiff_t)(OTP_CTRL_PARTITION_STATUS_0_REG_OFFSET +
354 (ptrdiff_t)sizeof(uint32_t) * status_reg_num));
355 // Process partition status bits
356 for (int status_idx = 0; status_idx < 32; ++status_idx) {
357 uint32_t partition_number =
358 (uint32_t)status_reg_num * 32 + (uint32_t)status_idx;
359 if (partition_number > kDifOtpCtrlNumberOfPartitions) {
360 break;
361 }
362 // If the error is not present at all, we clear its cause and bail
363 // immediately.
364 if (!bitfield_bit32_read(partition_status_reg,
365 (bitfield_bit32_index_t)status_idx)) {
366 status->causes[partition_number] = kDifOtpCtrlErrorOk;
367 continue;
368 }
369
370 // Set bit for partition error
371 status->codes = bitfield_bit32_write(
372 status->codes,
373 (bitfield_bit32_index_t)OTP_CTRL_STATUS_PARTITION_ERROR_BIT, true);
374
375 // Read and decode err_code register
376 dif_otp_ctrl_error_t err;
377 if (get_error_code(otp, partition_number, &err) != kDifOk) {
378 return kDifError;
379 }
380 status->causes[partition_number] = err;
381 }
382 }
383 } else {
384 // No partition errors, clear all partition error causes
385 for (int i = 0; i < kDifOtpCtrlNumberOfPartitions; ++i) {
386 status->causes[i] = kDifOtpCtrlErrorOk;
387 }
388 }
389
390 // Process DAI/LCI status bits from main STATUS register
391 for (int i = kDifOtpCtrlStatusCodeDaiError;
392 i <= kDifOtpCtrlStatusCodeLciError; ++i) {
393 uint32_t err_code_index = kDifOtpCtrlNumberOfPartitions - 1 + (uint32_t)i;
394 dif_otp_ctrl_error_t err = kDifOtpCtrlErrorOk;
395
396 if (bitfield_bit32_read(status_code_reg, (bitfield_bit32_index_t)i)) {
397 // Set error status code
398 status->codes =
399 bitfield_bit32_write(status->codes, (bitfield_bit32_index_t)i, true);
400
401 // Get error cause
402 if (get_error_code(otp, err_code_index, &err) != kDifOk) {
403 return kDifError;
404 }
405 }
406
407 status->causes[err_code_index] = err;
408 }
409
410 // Process other status bits from main STATUS register
411 for (int i = kDifOtpCtrlStatusCodeLciError + 1; i < kDifOtpCtrlNumberOfCauses;
412 ++i) {
413 if (!bitfield_bit32_read(status_code_reg, (bitfield_bit32_index_t)i)) {
414 continue;
415 }
416 // Set error status code
417 status->codes =
418 bitfield_bit32_write(status->codes, (bitfield_bit32_index_t)i, true);
419 }
420
421 return kDifOk;
422}
423
424typedef struct partition_info {
425 /**
426 * The absolute OTP address at which this partition starts.
427 */
428 uint32_t start_addr;
429 /**
430 * The length of this partition, in bytes, including the digest.
431 *
432 * If the partition has a digest, it is expected to be at address
433 * `start_addr + len - sizeof(uint64_t)`.
434 */
435 uint32_t len;
436 /**
437 * The alignment mask for this partition.
438 *
439 * A valid address for this partition must be such that
440 * `addr & align_mask == 0`.
441 */
442 uint32_t align_mask;
443
444 /**
445 * Whether this is a software-managed partition with a software-managed
446 * digest.
447 */
448 bool is_software;
449
450 /**
451 * Whether this partition has a digest field.
452 */
453 bool has_digest;
454
455 /**
456 * Whether this partition is the lifecycle partition.
457 */
458 bool is_lifecycle;
459} partition_info_t;
460
461// This is generates too many lines with different formatting variants, so
462// We opt to just disable formatting.
463// clang-format off
464static const partition_info_t kPartitions[] = {
465 [kDifOtpCtrlPartitionVendorTest] = {
466 .start_addr = OTP_CTRL_PARAM_VENDOR_TEST_OFFSET,
467 .len = OTP_CTRL_PARAM_VENDOR_TEST_SIZE,
468 .align_mask = 0x3,
469 .is_software = true,
470 .has_digest = true,
471 .is_lifecycle = false},
472 [kDifOtpCtrlPartitionCreatorSwCfg] = {
473 .start_addr = OTP_CTRL_PARAM_CREATOR_SW_CFG_OFFSET,
474 .len = OTP_CTRL_PARAM_CREATOR_SW_CFG_SIZE,
475 .align_mask = 0x3,
476 .is_software = true,
477 .has_digest = true,
478 .is_lifecycle = false},
479 [kDifOtpCtrlPartitionOwnerSwCfg] = {
480 .start_addr = OTP_CTRL_PARAM_OWNER_SW_CFG_OFFSET,
481 .len = OTP_CTRL_PARAM_OWNER_SW_CFG_SIZE,
482 .align_mask = 0x3,
483 .is_software = true,
484 .has_digest = true,
485 .is_lifecycle = false},
486#if defined(OPENTITAN_IS_EARLGREY)
487 [kDifOtpCtrlPartitionRotCreatorAuthCodesign] = {
488 .start_addr = OTP_CTRL_PARAM_ROT_CREATOR_AUTH_CODESIGN_OFFSET,
489 .len = OTP_CTRL_PARAM_ROT_CREATOR_AUTH_CODESIGN_SIZE,
490 .align_mask = 0x3,
491 .is_software = true,
492 .has_digest = true,
493 .is_lifecycle = false},
494 [kDifOtpCtrlPartitionRotCreatorAuthState] = {
495 .start_addr = OTP_CTRL_PARAM_ROT_CREATOR_AUTH_STATE_OFFSET,
496 .len = OTP_CTRL_PARAM_ROT_CREATOR_AUTH_STATE_SIZE,
497 .align_mask = 0x3,
498 .is_software = true,
499 .has_digest = true,
500 .is_lifecycle = false},
501#elif defined(OPENTITAN_IS_DARJEELING)
502 [kDifOtpCtrlPartitionOwnershipSlotState] = {
503 .start_addr = OTP_CTRL_PARAM_OWNERSHIP_SLOT_STATE_OFFSET,
504 .len = OTP_CTRL_PARAM_OWNERSHIP_SLOT_STATE_SIZE,
505 .align_mask = 0x3,
506 .is_software = true,
507 .has_digest = false,
508 .is_lifecycle = false},
509 [kDifOtpCtrlPartitionRotCreatorAuth] = {
510 .start_addr = OTP_CTRL_PARAM_ROT_CREATOR_AUTH_OFFSET,
511 .len = OTP_CTRL_PARAM_ROT_CREATOR_AUTH_SIZE,
512 .align_mask = 0x3,
513 .is_software = true,
514 .has_digest = true,
515 .is_lifecycle = false},
516 [kDifOtpCtrlPartitionRotOwnerAuthSlot0] = {
517 .start_addr = OTP_CTRL_PARAM_ROT_OWNER_AUTH_SLOT0_OFFSET,
518 .len = OTP_CTRL_PARAM_ROT_OWNER_AUTH_SLOT0_SIZE,
519 .align_mask = 0x3,
520 .is_software = true,
521 .has_digest = true,
522 .is_lifecycle = false},
523 [kDifOtpCtrlPartitionRotOwnerAuthSlot1] = {
524 .start_addr = OTP_CTRL_PARAM_ROT_OWNER_AUTH_SLOT1_OFFSET,
525 .len = OTP_CTRL_PARAM_ROT_OWNER_AUTH_SLOT1_SIZE,
526 .align_mask = 0x3,
527 .is_software = true,
528 .has_digest = true,
529 .is_lifecycle = false},
530 [kDifOtpCtrlPartitionPlatIntegAuthSlot0] = {
531 .start_addr = OTP_CTRL_PARAM_PLAT_INTEG_AUTH_SLOT0_OFFSET,
532 .len = OTP_CTRL_PARAM_PLAT_INTEG_AUTH_SLOT0_SIZE,
533 .align_mask = 0x3,
534 .is_software = true,
535 .has_digest = true,
536 .is_lifecycle = false},
537 [kDifOtpCtrlPartitionPlatIntegAuthSlot1] = {
538 .start_addr = OTP_CTRL_PARAM_PLAT_INTEG_AUTH_SLOT1_OFFSET,
539 .len = OTP_CTRL_PARAM_PLAT_INTEG_AUTH_SLOT1_SIZE,
540 .align_mask = 0x3,
541 .is_software = true,
542 .has_digest = true,
543 .is_lifecycle = false},
544 [kDifOtpCtrlPartitionPlatOwnerAuthSlot0] = {
545 .start_addr = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT0_OFFSET,
546 .len = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT0_SIZE,
547 .align_mask = 0x3,
548 .is_software = true,
549 .has_digest = true,
550 .is_lifecycle = false},
551 [kDifOtpCtrlPartitionPlatOwnerAuthSlot1] = {
552 .start_addr = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT1_OFFSET,
553 .len = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT1_SIZE,
554 .align_mask = 0x3,
555 .is_software = true,
556 .has_digest = true,
557 .is_lifecycle = false},
558 [kDifOtpCtrlPartitionPlatOwnerAuthSlot2] = {
559 .start_addr = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT2_OFFSET,
560 .len = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT2_SIZE,
561 .align_mask = 0x3,
562 .is_software = true,
563 .has_digest = true,
564 .is_lifecycle = false},
565 [kDifOtpCtrlPartitionPlatOwnerAuthSlot3] = {
566 .start_addr = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT3_OFFSET,
567 .len = OTP_CTRL_PARAM_PLAT_OWNER_AUTH_SLOT3_SIZE,
568 .align_mask = 0x3,
569 .is_software = true,
570 .has_digest = true,
571 .is_lifecycle = false},
572 [kDifOtpCtrlPartitionExtNvm] = {
573 .start_addr = OTP_CTRL_PARAM_EXT_NVM_OFFSET,
574 .len = OTP_CTRL_PARAM_EXT_NVM_SIZE,
575 .align_mask = 0x3,
576 .is_software = true,
577 .has_digest = false,
578 .is_lifecycle = false},
579 [kDifOtpCtrlPartitionRomPatch] = {
580 .start_addr = OTP_CTRL_PARAM_ROM_PATCH_OFFSET,
581 .len = OTP_CTRL_PARAM_ROM_PATCH_SIZE,
582 .align_mask = 0x3,
583 .is_software = true,
584 .has_digest = true,
585 .is_lifecycle = false},
586#else
587#error "dif_otp_ctrl does not support this top"
588#endif
589 [kDifOtpCtrlPartitionHwCfg0] = {
590 .start_addr = OTP_CTRL_PARAM_HW_CFG0_OFFSET,
591 .len = OTP_CTRL_PARAM_HW_CFG0_SIZE,
592 .align_mask = 0x3,
593 .is_software = false,
594 .has_digest = true,
595 .is_lifecycle = false},
596 [kDifOtpCtrlPartitionHwCfg1] = {
597 .start_addr = OTP_CTRL_PARAM_HW_CFG1_OFFSET,
598 .len = OTP_CTRL_PARAM_HW_CFG1_SIZE,
599 .align_mask = 0x3,
600 .is_software = false,
601 .has_digest = true,
602 .is_lifecycle = false},
603 [kDifOtpCtrlPartitionSecret0] = {
604 .start_addr = OTP_CTRL_PARAM_SECRET0_OFFSET,
605 .len = OTP_CTRL_PARAM_SECRET0_SIZE,
606 .align_mask = 0x7,
607 .is_software = false,
608 .has_digest = true,
609 .is_lifecycle = false},
610 [kDifOtpCtrlPartitionSecret1] = {
611 .start_addr = OTP_CTRL_PARAM_SECRET1_OFFSET,
612 .len = OTP_CTRL_PARAM_SECRET1_SIZE,
613 .align_mask = 0x7,
614 .is_software = false,
615 .has_digest = true,
616 .is_lifecycle = false},
617 [kDifOtpCtrlPartitionSecret2] = {
618 .start_addr = OTP_CTRL_PARAM_SECRET2_OFFSET,
619 .len = OTP_CTRL_PARAM_SECRET2_SIZE,
620 .align_mask = 0x7,
621 .is_software = false,
622 .has_digest = true,
623 .is_lifecycle = false},
624#if defined(OPENTITAN_IS_DARJEELING)
625 [kDifOtpCtrlPartitionSecret3] = {
626 .start_addr = OTP_CTRL_PARAM_SECRET3_OFFSET,
627 .len = OTP_CTRL_PARAM_SECRET3_SIZE,
628 .align_mask = 0x7,
629 .is_software = false,
630 .has_digest = true,
631 .is_lifecycle = false},
632#elif defined(OPENTITAN_IS_EARLGREY)
633// Earlgrey only has 3 secret partitions.
634#else
635#error "dif_otp_ctrl does not support this top"
636#endif
637 [kDifOtpCtrlPartitionLifeCycle] = {
638 .start_addr = OTP_CTRL_PARAM_LIFE_CYCLE_OFFSET,
639 .len = OTP_CTRL_PARAM_LIFE_CYCLE_SIZE,
640 .align_mask = 0x3,
641 .is_software = false,
642 .has_digest = false,
643 .is_lifecycle = true},
644};
645// clang-format on
646
647dif_result_t dif_otp_ctrl_relative_address(dif_otp_ctrl_partition_t partition,
648 uint32_t abs_address,
649 uint32_t *relative_address) {
650 *relative_address = 0;
651
652 if (partition >= ARRAYSIZE(kPartitions)) {
653 return kDifBadArg;
654 }
655
656 if ((abs_address & kPartitions[partition].align_mask) != 0) {
657 return kDifUnaligned;
658 }
659
660 if (abs_address < kPartitions[partition].start_addr) {
661 return kDifOutOfRange;
662 }
663
664 *relative_address = abs_address - kPartitions[partition].start_addr;
665 if (*relative_address >= kPartitions[partition].len) {
666 *relative_address = 0;
667 return kDifOutOfRange;
668 }
669
670 return kDifOk;
671}
672
673dif_result_t dif_otp_ctrl_dai_read_start(const dif_otp_ctrl_t *otp,
674 dif_otp_ctrl_partition_t partition,
675 uint32_t address) {
676 if (otp == NULL || partition >= ARRAYSIZE(kPartitions)) {
677 return kDifBadArg;
678 }
679
680 if ((address & kPartitions[partition].align_mask) != 0) {
681 return kDifUnaligned;
682 }
683
684 if (address >= kPartitions[partition].len) {
685 return kDifOutOfRange;
686 }
687
688 address += kPartitions[partition].start_addr;
689 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_ADDRESS_REG_OFFSET,
690 address);
691
692 uint32_t cmd =
693 bitfield_bit32_write(0, OTP_CTRL_DIRECT_ACCESS_CMD_RD_BIT, true);
694 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_CMD_REG_OFFSET,
695 cmd);
696
697 return kDifOk;
698}
699
700dif_result_t dif_otp_ctrl_dai_read32_end(const dif_otp_ctrl_t *otp,
701 uint32_t *value) {
702 if (otp == NULL || value == NULL) {
703 return kDifBadArg;
704 }
705
706 *value = mmio_region_read32(otp->base_addr,
707 OTP_CTRL_DIRECT_ACCESS_RDATA_0_REG_OFFSET);
708 return kDifOk;
709}
710
711dif_result_t dif_otp_ctrl_dai_read64_end(const dif_otp_ctrl_t *otp,
712 uint64_t *value) {
713 if (otp == NULL || value == NULL) {
714 return kDifBadArg;
715 }
716
717 *value = mmio_region_read32(otp->base_addr,
718 OTP_CTRL_DIRECT_ACCESS_RDATA_1_REG_OFFSET);
719 *value <<= 32;
720 *value |= mmio_region_read32(otp->base_addr,
721 OTP_CTRL_DIRECT_ACCESS_RDATA_0_REG_OFFSET);
722 return kDifOk;
723}
724
725dif_result_t dif_otp_ctrl_dai_program32(const dif_otp_ctrl_t *otp,
726 dif_otp_ctrl_partition_t partition,
727 uint32_t address, uint32_t value) {
728 if (otp == NULL || partition >= ARRAYSIZE(kPartitions)) {
729 return kDifBadArg;
730 }
731
732 // Ensure that we are writing to a 32-bit-access partition by checking that
733 // the alignment mask is 0b11.
734 //
735 // Note furthermore that the LC partition is *not* writeable, so we eject
736 // here.
737 if (kPartitions[partition].align_mask != 0x3 ||
738 kPartitions[partition].is_lifecycle) {
739 return kDifError;
740 }
741
742 if ((address & kPartitions[partition].align_mask) != 0) {
743 return kDifUnaligned;
744 }
745
746 // NOTE: The bounds check is tightened here, since we disallow writing the
747 // digest directly. If the partition does not have a digest, no tightening is
748 // needed.
749 size_t digest_size = kPartitions[partition].has_digest * sizeof(uint64_t);
750 if (address >= kPartitions[partition].len - digest_size) {
751 return kDifOutOfRange;
752 }
753
754 address += kPartitions[partition].start_addr;
755 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_ADDRESS_REG_OFFSET,
756 address);
757
758 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_WDATA_0_REG_OFFSET,
759 value);
760
761 uint32_t cmd =
762 bitfield_bit32_write(0, OTP_CTRL_DIRECT_ACCESS_CMD_WR_BIT, true);
763 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_CMD_REG_OFFSET,
764 cmd);
765
766 return kDifOk;
767}
768
769dif_result_t dif_otp_ctrl_dai_program64(const dif_otp_ctrl_t *otp,
770 dif_otp_ctrl_partition_t partition,
771 uint32_t address, uint64_t value) {
772 if (otp == NULL || partition >= ARRAYSIZE(kPartitions)) {
773 return kDifBadArg;
774 }
775
776 // Ensure that we are writing to a 64-bit-access partition by checking that
777 // the alignment mask is 0b111.
778 if (kPartitions[partition].align_mask != 0x7) {
779 return kDifError;
780 }
781
782 if ((address & kPartitions[partition].align_mask) != 0) {
783 return kDifUnaligned;
784 }
785
786 // NOTE: The bounds check is tightened here, since we disallow writing the
787 // digest directly.
788 size_t digest_size = sizeof(uint64_t);
789 if (address >= kPartitions[partition].len - digest_size) {
790 return kDifOutOfRange;
791 }
792
793 address += kPartitions[partition].start_addr;
794 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_ADDRESS_REG_OFFSET,
795 address);
796
797 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_WDATA_0_REG_OFFSET,
798 value & UINT32_MAX);
799 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_WDATA_1_REG_OFFSET,
800 value >> 32);
801
802 uint32_t cmd =
803 bitfield_bit32_write(0, OTP_CTRL_DIRECT_ACCESS_CMD_WR_BIT, true);
804 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_CMD_REG_OFFSET,
805 cmd);
806
807 return kDifOk;
808}
809
810dif_result_t dif_otp_ctrl_dai_digest(const dif_otp_ctrl_t *otp,
811 dif_otp_ctrl_partition_t partition,
812 uint64_t digest) {
813 if (otp == NULL || partition >= ARRAYSIZE(kPartitions)) {
814 return kDifBadArg;
815 }
816
817 // Not all partitions have a digest.
818 if (!kPartitions[partition].has_digest) {
819 return kDifError;
820 }
821
822 // For software partitions, the digest must be nonzero; for all other
823 // partitions it must be zero.
824 bool is_sw = kPartitions[partition].is_software;
825 if (is_sw == (digest == 0)) {
826 return kDifBadArg;
827 }
828
829 uint32_t address = kPartitions[partition].start_addr;
830 if (is_sw) {
831 address += kPartitions[partition].len - sizeof(digest);
832 }
833 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_ADDRESS_REG_OFFSET,
834 address);
835
836 if (digest != 0) {
837 mmio_region_write32(otp->base_addr,
838 OTP_CTRL_DIRECT_ACCESS_WDATA_0_REG_OFFSET,
839 digest & 0xffffffff);
840 mmio_region_write32(otp->base_addr,
841 OTP_CTRL_DIRECT_ACCESS_WDATA_1_REG_OFFSET,
842 digest >> 32);
843 }
844
845 bitfield_bit32_index_t cmd_bit = is_sw
846 ? OTP_CTRL_DIRECT_ACCESS_CMD_WR_BIT
847 : OTP_CTRL_DIRECT_ACCESS_CMD_DIGEST_BIT;
848 uint32_t cmd = bitfield_bit32_write(0, cmd_bit, true);
849 mmio_region_write32(otp->base_addr, OTP_CTRL_DIRECT_ACCESS_CMD_REG_OFFSET,
850 cmd);
851
852 return kDifOk;
853}
854
855static bool get_digest_regs(dif_otp_ctrl_partition_t partition, ptrdiff_t *reg0,
856 ptrdiff_t *reg1) {
857 switch (partition) {
858 case kDifOtpCtrlPartitionVendorTest:
859 *reg0 = OTP_CTRL_VENDOR_TEST_DIGEST_0_REG_OFFSET;
860 *reg1 = OTP_CTRL_VENDOR_TEST_DIGEST_1_REG_OFFSET;
861 break;
862 case kDifOtpCtrlPartitionCreatorSwCfg:
863 *reg0 = OTP_CTRL_CREATOR_SW_CFG_DIGEST_0_REG_OFFSET;
864 *reg1 = OTP_CTRL_CREATOR_SW_CFG_DIGEST_1_REG_OFFSET;
865 break;
866 case kDifOtpCtrlPartitionOwnerSwCfg:
867 *reg0 = OTP_CTRL_OWNER_SW_CFG_DIGEST_0_REG_OFFSET;
868 *reg1 = OTP_CTRL_OWNER_SW_CFG_DIGEST_1_REG_OFFSET;
869 break;
870#if defined(OPENTITAN_IS_EARLGREY)
871 case kDifOtpCtrlPartitionRotCreatorAuthCodesign:
872 *reg0 = OTP_CTRL_ROT_CREATOR_AUTH_CODESIGN_DIGEST_0_REG_OFFSET;
873 *reg1 = OTP_CTRL_ROT_CREATOR_AUTH_CODESIGN_DIGEST_1_REG_OFFSET;
874 break;
875 case kDifOtpCtrlPartitionRotCreatorAuthState:
876 *reg0 = OTP_CTRL_ROT_CREATOR_AUTH_STATE_DIGEST_0_REG_OFFSET;
877 *reg1 = OTP_CTRL_ROT_CREATOR_AUTH_STATE_DIGEST_1_REG_OFFSET;
878 break;
879#elif defined(OPENTITAN_IS_DARJEELING)
880 case kDifOtpCtrlPartitionRotCreatorAuth:
881 *reg0 = OTP_CTRL_ROT_CREATOR_AUTH_DIGEST_0_REG_OFFSET;
882 *reg1 = OTP_CTRL_ROT_CREATOR_AUTH_DIGEST_1_REG_OFFSET;
883 break;
884 case kDifOtpCtrlPartitionRotOwnerAuthSlot0:
885 *reg0 = OTP_CTRL_ROT_OWNER_AUTH_SLOT0_DIGEST_0_REG_OFFSET;
886 *reg1 = OTP_CTRL_ROT_OWNER_AUTH_SLOT0_DIGEST_1_REG_OFFSET;
887 break;
888 case kDifOtpCtrlPartitionRotOwnerAuthSlot1:
889 *reg0 = OTP_CTRL_ROT_OWNER_AUTH_SLOT1_DIGEST_0_REG_OFFSET;
890 *reg1 = OTP_CTRL_ROT_OWNER_AUTH_SLOT1_DIGEST_1_REG_OFFSET;
891 break;
892 case kDifOtpCtrlPartitionPlatIntegAuthSlot0:
893 *reg0 = OTP_CTRL_PLAT_INTEG_AUTH_SLOT0_DIGEST_0_REG_OFFSET;
894 *reg1 = OTP_CTRL_PLAT_INTEG_AUTH_SLOT0_DIGEST_1_REG_OFFSET;
895 break;
896 case kDifOtpCtrlPartitionPlatIntegAuthSlot1:
897 *reg0 = OTP_CTRL_PLAT_INTEG_AUTH_SLOT1_DIGEST_0_REG_OFFSET;
898 *reg1 = OTP_CTRL_PLAT_INTEG_AUTH_SLOT1_DIGEST_1_REG_OFFSET;
899 break;
900 case kDifOtpCtrlPartitionPlatOwnerAuthSlot0:
901 *reg0 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT0_DIGEST_0_REG_OFFSET;
902 *reg1 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT0_DIGEST_1_REG_OFFSET;
903 break;
904 case kDifOtpCtrlPartitionPlatOwnerAuthSlot1:
905 *reg0 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT1_DIGEST_0_REG_OFFSET;
906 *reg1 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT1_DIGEST_1_REG_OFFSET;
907 break;
908 case kDifOtpCtrlPartitionPlatOwnerAuthSlot2:
909 *reg0 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT2_DIGEST_0_REG_OFFSET;
910 *reg1 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT2_DIGEST_1_REG_OFFSET;
911 break;
912 case kDifOtpCtrlPartitionPlatOwnerAuthSlot3:
913 *reg0 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT3_DIGEST_0_REG_OFFSET;
914 *reg1 = OTP_CTRL_PLAT_OWNER_AUTH_SLOT3_DIGEST_1_REG_OFFSET;
915 break;
916 case kDifOtpCtrlPartitionRomPatch:
917 *reg0 = OTP_CTRL_ROM_PATCH_DIGEST_0_REG_OFFSET;
918 *reg1 = OTP_CTRL_ROM_PATCH_DIGEST_1_REG_OFFSET;
919 break;
920#else
921#error "dif_otp_ctrl does not support this top"
922#endif
923 case kDifOtpCtrlPartitionHwCfg0:
924 *reg0 = OTP_CTRL_HW_CFG0_DIGEST_0_REG_OFFSET;
925 *reg1 = OTP_CTRL_HW_CFG0_DIGEST_1_REG_OFFSET;
926 break;
927 case kDifOtpCtrlPartitionHwCfg1:
928 *reg0 = OTP_CTRL_HW_CFG1_DIGEST_0_REG_OFFSET;
929 *reg1 = OTP_CTRL_HW_CFG1_DIGEST_1_REG_OFFSET;
930 break;
931 case kDifOtpCtrlPartitionSecret0:
932 *reg0 = OTP_CTRL_SECRET0_DIGEST_0_REG_OFFSET;
933 *reg1 = OTP_CTRL_SECRET0_DIGEST_1_REG_OFFSET;
934 break;
935 case kDifOtpCtrlPartitionSecret1:
936 *reg0 = OTP_CTRL_SECRET1_DIGEST_0_REG_OFFSET;
937 *reg1 = OTP_CTRL_SECRET1_DIGEST_1_REG_OFFSET;
938 break;
939 case kDifOtpCtrlPartitionSecret2:
940 *reg0 = OTP_CTRL_SECRET2_DIGEST_0_REG_OFFSET;
941 *reg1 = OTP_CTRL_SECRET2_DIGEST_1_REG_OFFSET;
942 break;
943#if defined(OPENTITAN_IS_DARJEELING)
944 case kDifOtpCtrlPartitionSecret3:
945 *reg0 = OTP_CTRL_SECRET3_DIGEST_0_REG_OFFSET;
946 *reg1 = OTP_CTRL_SECRET3_DIGEST_1_REG_OFFSET;
947 break;
948#elif defined(OPENTITAN_IS_EARLGREY)
949// Earlgrey only has 3 secret partitions.
950#else
951#error "dif_otp_ctrl does not support this top"
952#endif
953 default:
954 return false;
955 }
956
957 return true;
958}
959
960dif_result_t dif_otp_ctrl_is_digest_computed(const dif_otp_ctrl_t *otp,
961 dif_otp_ctrl_partition_t partition,
962 bool *is_computed) {
963 if (otp == NULL || is_computed == NULL) {
964 return kDifBadArg;
965 }
966
967 ptrdiff_t reg0, reg1;
968 if (!get_digest_regs(partition, &reg0, &reg1)) {
969 return kDifBadArg;
970 }
971
972 uint64_t value = mmio_region_read32(otp->base_addr, reg1);
973 value <<= 32;
974 value |= mmio_region_read32(otp->base_addr, reg0);
975
976 *is_computed = value != 0;
977
978 return kDifOk;
979}
980
981dif_result_t dif_otp_ctrl_get_digest(const dif_otp_ctrl_t *otp,
982 dif_otp_ctrl_partition_t partition,
983 uint64_t *digest) {
984 if (otp == NULL || digest == NULL) {
985 return kDifBadArg;
986 }
987
988 ptrdiff_t reg0, reg1;
989 if (!get_digest_regs(partition, &reg0, &reg1)) {
990 return kDifBadArg;
991 }
992
993 uint64_t value = mmio_region_read32(otp->base_addr, reg1);
994 value <<= 32;
995 value |= mmio_region_read32(otp->base_addr, reg0);
996
997 if (value == 0) {
998 return kDifError;
999 }
1000 *digest = value;
1001
1002 return kDifOk;
1003}
1004
1005dif_result_t dif_otp_ctrl_read_blocking(const dif_otp_ctrl_t *otp,
1006 dif_otp_ctrl_partition_t partition,
1007 uint32_t address, uint32_t *buf,
1008 size_t len) {
1009 if (otp == NULL || partition >= ARRAYSIZE(kPartitions) || buf == NULL) {
1010 return kDifBadArg;
1011 }
1012
1013 if (!kPartitions[partition].is_software) {
1014 return kDifError;
1015 }
1016
1017 if ((address & kPartitions[partition].align_mask) != 0) {
1018 return kDifUnaligned;
1019 }
1020
1021 if (address + len >= kPartitions[partition].len) {
1022 return kDifOutOfRange;
1023 }
1024
1025 uint32_t reg_offset = OTP_CTRL_SW_CFG_WINDOW_REG_OFFSET +
1026 kPartitions[partition].start_addr + address;
1027 mmio_region_memcpy_from_mmio32(otp->base_addr, reg_offset, buf,
1028 len * sizeof(uint32_t));
1029 return kDifOk;
1030}