The STM STM32MP15 CPU provides a set of one-time programmable bits (OTPs) structured as 3072 effective bits. The OTPs are accessed through 32-bit words.

Kernel configuration

You can manage the OTP driver support through the kernel configuration option:

  • STM32 factory-programmed memory support (CONFIG_NVMEM_STM32_ROMEM)

This option is enabled as built-in on the ConnectCore MP15 default kernel configuration file.

Kernel driver

The memory driver is located at:

File Description

drivers/nvmem/stm32-romem.c

STM32 factory-programmed memory support

Device tree bindings

The STM32MP15 OTP memory driver device tree binding are documented at

File

Description

Documentation/devicetree/bindings/nvmem/st,stm32-romem.yaml

STM32 BSEC device tree binding

Documentation/devicetree/bindings/nvmem/nvmem.yaml

Generic NVMEM device tree bindings

Documentation/devicetree/bindings/nvmem/nvmem-consumer.yaml

Generic device tree bindings

The STM32MP15 device tree include file defines the bsec node and inside it, a number of relevant OTP words.

STM32MP15 device tree
bsec: efuse@5c005000 {
	compatible = "st,stm32mp15-bsec";
	reg = <0x5c005000 0x400>;
	clocks = <&scmi_clk CK_SCMI_BSEC>;
	#address-cells = <1>;
	#size-cells = <1>;
	part_number_otp: part_number_otp@4 {
		reg = <0x4 0x1>;
	};
	vrefint: calib@52 {
		reg = <0x52 0x2>;
	};
	ts_cal1: calib@5c {
		reg = <0x5c 0x2>;
	};
	ts_cal2: calib@5e {
		reg = <0x5e 0x2>;
	};
	ethernet_mac_address: mac@e4 {
		reg = <0xe4 0x6>;
	};
};

OTP user space usage

The OTP words are accessible through the sysfs at /sys/bus/nvmem/devices/stm32-romem0/nvmem.

It is not possible to write to OTP data with Linux driver; BSEC is defined as a read-only NVMEM device. This is done to prevent accidentally programming the OTP bits.

Read the OTP bits

To dump the values of all OTP words:

# hexdump -e '"%08_ax: " 4/4 "%08x " "\n"' /sys/bus/nvmem/devices/stm32-romem0/nvmem
00000000: 00000017 00008000 a0200000 00000000
00000010: 00000000 00000000 00000000 00000000
*
00000030: 7cf5f917 00360035 32315117 32393532
00000040: 139685e7 20eb0868 7c3f0140 06be143d
00000050: 5da5003b 00000000 00000000 3f992fe9
00000060: 00000000 00000000 00000000 00000000
Certain OTP words, such as security keys, cannot be read so they show as 00000000.

To dump only a certain OTP word, do not use the -s parameter of the hexdump command. Instead, use the dd command and pipe the result to hexdump. To calculate the offset of the word, use the formula:

\$"Offset" = "Word" / 4\$

For example, for Word 48, the offset is 48 / 4 = 12.

Use dd with a block size (bs) of 4 bytes, a count of 1 word, and skip the calculated offset:

# dd status=none if=/sys/bus/nvmem/devices/stm32-romem0/nvmem of=/dev/stdout bs=4 count=1 skip=12 | hexdump -v -e '4/4 "%08x " "\n"'
7cf5f917