Cygnus: add TrustZone functions and set everything non-secure in bootblock
To allow an OS to run in non-secure mode: - Set all peripherals and system components non-secure except SOTP and TZPC. - Set all memory non-secure (ROM, SRAM, DDR, flash). - Enable A9 access to entire M0 address space except M0 ROM. BUG=chrome-os-partner:37533 BRANCH=broadcom-firmware TEST=boot kernel from usb stick Change-Id: I3bbd288863923011ff1413be353ac4b178ffdd07 Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 6de56bbe73ed8d87ad572da711a193985ee68e3a Original-Signed-off-by: Corneliu Doban <cdoban@broadcom.com> Original-Reviewed-on: https://chrome-internal-review.googlesource.com/212735 Original-Reviewed-by: Daisuke Nojiri <dnojiri@google.com> Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com> Original-Tested-by: Daisuke Nojiri <dnojiri@google.com> Original-Change-Id: Ibac7de03a72a98fbd95659d0113833049b4871a5 Original-Reviewed-on: https://chromium-review.googlesource.com/266593 Original-Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Tested-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org> Original-Trybot-Ready: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: http://review.coreboot.org/9985 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This commit is contained in:
parent
6e20e2f168
commit
189bec59f0
|
@ -21,6 +21,7 @@ bootblock-y += bootblock.c
|
||||||
bootblock-y += cbmem.c
|
bootblock-y += cbmem.c
|
||||||
bootblock-y += i2c.c
|
bootblock-y += i2c.c
|
||||||
bootblock-y += timer.c
|
bootblock-y += timer.c
|
||||||
|
bootblock-y += tz.c
|
||||||
bootblock-y += hw_init.c
|
bootblock-y += hw_init.c
|
||||||
bootblock-$(CONFIG_SPI_FLASH) += spi.c
|
bootblock-$(CONFIG_SPI_FLASH) += spi.c
|
||||||
ifeq ($(CONFIG_BOOTBLOCK_CONSOLE),y)
|
ifeq ($(CONFIG_BOOTBLOCK_CONSOLE),y)
|
||||||
|
|
|
@ -18,75 +18,139 @@
|
||||||
#include <arch/io.h>
|
#include <arch/io.h>
|
||||||
#include <delay.h>
|
#include <delay.h>
|
||||||
#include <console/console.h>
|
#include <console/console.h>
|
||||||
|
#include <soc/tz.h>
|
||||||
#include <soc/hw_init.h>
|
#include <soc/hw_init.h>
|
||||||
|
|
||||||
/*****************************************************************************
|
/*****************************************************************************
|
||||||
* TrustZone
|
* TrustZone
|
||||||
*****************************************************************************/
|
*****************************************************************************/
|
||||||
#define TZPC_TZPCDECPROT0SET 0x18034804
|
#define IHOST_SCU_SECURE_ACCESS 0x19020054
|
||||||
#define TZPC_TZPCDECPROT0CLR 0x18034808
|
|
||||||
#define TZPC_TZPCDECPROT1SET 0x18034810
|
|
||||||
#define TZPC_TZPCDECPROT1CLR 0x18034814
|
|
||||||
#define TZPC_TZPCDECPROT2SET 0x1803481c
|
|
||||||
#define TZPC_TZPCDECPROT2CLR 0x18034820
|
|
||||||
|
|
||||||
#define TZPCDECPROT0_MASK 0x000000FF
|
#define SMAU_NIC_IDM_TZ_BASE 0x180150a0
|
||||||
#define TZPCDECPROT1_MASK 0x000000FF
|
#define SMAU_DDR_TZ_BASE 0x18015200
|
||||||
#define TZPCDECPROT2_MASK 0x000000FF
|
#define SMAU_FLASH0_TZ_BASE 0x18015300
|
||||||
|
#define SMAU_FLASH1_TZ_BASE 0x18015308
|
||||||
|
#define SMAU_FLASH2_TZ_BASE 0x18015310
|
||||||
|
#define SMAU_FLASH3_TZ_BASE 0x18015318
|
||||||
|
#define SMAU_TZ_BASE_ENABLE 0x00000001
|
||||||
|
|
||||||
#define TZ_STATE_SECURE 0
|
#define CRMU_IPROC_ADDR_RANGE0_LOW 0x03024c30
|
||||||
#define TZ_STATE_NON_SECURE 1
|
#define CRMU_IPROC_ADDR_RANGE0_HIGH 0x03024c34
|
||||||
|
#define CRMU_ADDR_MASK 0xffffff00
|
||||||
|
#define CRMU_ADDR_VALID 0x00000001
|
||||||
|
#define CRMU_ADDR_START 0x03010000
|
||||||
|
#define CRMU_ADDR_END 0x03100000
|
||||||
|
|
||||||
#define CYGNUS_M_PCIE0_M0 0x00000003
|
static void scu_ns_config(void)
|
||||||
#define CYGNUS_M_PCIE1_M0 0x0000000c
|
|
||||||
#define CYGNUS_M_CMICD_M0 0x00000030
|
|
||||||
#define CYGNUS_M_EXT_M0 0x000000c0
|
|
||||||
|
|
||||||
#define CYGNUS_M_EXT_M1 (0x00000003 << 8)
|
|
||||||
#define CYGNUS_M_SDIO_M0 (0x0000000c << 8)
|
|
||||||
#define CYGNUS_M_SDIO_M1 (0x00000030 << 8)
|
|
||||||
#define CYGNUS_M_AMAC_M0 (0x000000c0 << 8)
|
|
||||||
|
|
||||||
#define CYGNUS_M_AMAC_M1 (0x00000003 << 16)
|
|
||||||
#define CYGNUS_M_USB2H_M0 (0x0000000c << 16)
|
|
||||||
#define CYGNUS_M_USB2D_M0 (0x00000030 << 16)
|
|
||||||
#define CYGNUS_M_A9JTAG_M0 (0x000000c0 << 16)
|
|
||||||
|
|
||||||
#define IPROC_M_PCIE (CYGNUS_M_PCIE0_M0 | CYGNUS_M_PCIE1_M0)
|
|
||||||
#define IPROC_M_EXT (CYGNUS_M_EXT_M0 | CYGNUS_M_EXT_M1)
|
|
||||||
#define IPROC_M_SDIO (CYGNUS_M_SDIO_M0 | CYGNUS_M_SDIO_M1)
|
|
||||||
#define IPROC_M_AMAC (CYGNUS_M_AMAC_M0 | CYGNUS_M_AMAC_M1)
|
|
||||||
#define IPROC_M_USB (CYGNUS_M_USB2H_M0 | CYGNUS_M_USB2D_M0)
|
|
||||||
#define IPROC_M_CMICD (CYGNUS_M_CMICD_M0)
|
|
||||||
|
|
||||||
static void tz_set_masters_security(uint32_t masters, uint32_t ns_bit)
|
|
||||||
{
|
{
|
||||||
uint32_t val = 0;
|
/*
|
||||||
|
* Enable NS SCU access to ARM global timer, private timer, and
|
||||||
|
* components
|
||||||
|
*/
|
||||||
|
write32((void *)IHOST_SCU_SECURE_ACCESS, 0xFFF);
|
||||||
|
}
|
||||||
|
|
||||||
/* Check any TZPCDECPROT0 is set and then write to TZPCDECPROT0 */
|
static void smau_ns_config(void)
|
||||||
if (masters & TZPCDECPROT0_MASK) {
|
{
|
||||||
val = masters & TZPCDECPROT0_MASK;
|
unsigned int val;
|
||||||
if (ns_bit)
|
|
||||||
write32((void *)TZPC_TZPCDECPROT0SET, val);
|
/* Disable SMAU NIC IDM TZ */
|
||||||
else
|
val = read32((void *)SMAU_NIC_IDM_TZ_BASE);
|
||||||
write32((void *)TZPC_TZPCDECPROT0CLR, val);
|
val &= ~SMAU_TZ_BASE_ENABLE;
|
||||||
|
write32((void *)SMAU_NIC_IDM_TZ_BASE, val);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Disable DDR TZ base
|
||||||
|
*
|
||||||
|
* This means the entire DDR is marked as NONSECURE (NS)
|
||||||
|
*
|
||||||
|
* NOTE: In the future, multiple regions of DDR may need to be marked
|
||||||
|
* as SECURE for secure OS and other TZ usages
|
||||||
|
*/
|
||||||
|
val = read32((void *)SMAU_DDR_TZ_BASE);
|
||||||
|
val &= ~SMAU_TZ_BASE_ENABLE;
|
||||||
|
write32((void *)SMAU_DDR_TZ_BASE, val);
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Disable flash TZ support
|
||||||
|
*
|
||||||
|
* The entire flash is currently marked as NS
|
||||||
|
*
|
||||||
|
* NOTE: In the future, multiple regions of flash may need to be marked
|
||||||
|
* as SECURE for secure OS and other TZ firmware/data storage
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Flash 0: ROM */
|
||||||
|
val = read32((void *)SMAU_FLASH0_TZ_BASE);
|
||||||
|
val &= ~SMAU_TZ_BASE_ENABLE;
|
||||||
|
write32((void *)SMAU_FLASH0_TZ_BASE, val);
|
||||||
|
|
||||||
|
/* Flash 1: QSPI */
|
||||||
|
val = read32((void *)SMAU_FLASH1_TZ_BASE);
|
||||||
|
val &= ~SMAU_TZ_BASE_ENABLE;
|
||||||
|
write32((void *)SMAU_FLASH1_TZ_BASE, val);
|
||||||
|
|
||||||
|
/* Flash 2: NAND */
|
||||||
|
val = read32((void *)SMAU_FLASH2_TZ_BASE);
|
||||||
|
val &= ~SMAU_TZ_BASE_ENABLE;
|
||||||
|
write32((void *)SMAU_FLASH2_TZ_BASE, val);
|
||||||
|
|
||||||
|
/* Flash 3: PNOR */
|
||||||
|
val = read32((void *)SMAU_FLASH3_TZ_BASE);
|
||||||
|
val &= ~SMAU_TZ_BASE_ENABLE;
|
||||||
|
write32((void *)SMAU_FLASH3_TZ_BASE, val);
|
||||||
}
|
}
|
||||||
/* Check any TZPCDECPROT1 is set and then write to TZPCDECPROT1 */
|
|
||||||
if ((masters >> 8) & TZPCDECPROT1_MASK) {
|
static void crmu_ns_config(void)
|
||||||
val = (masters >> 8) & TZPCDECPROT1_MASK;
|
{
|
||||||
if (ns_bit)
|
|
||||||
write32((void *)TZPC_TZPCDECPROT1SET, val);
|
/*
|
||||||
else
|
* Currently opens up the entire CRMU to allow iPROC NS access
|
||||||
write32((void *)TZPC_TZPCDECPROT1CLR, val);
|
*
|
||||||
}
|
* NOTE: In the future, we might want to protect particular CRMU
|
||||||
/* Check any TZPCDECPROT2 is set and then write to TZPCDECPROT2 */
|
* sub-blocks to allow SECURE access only. That can be done by
|
||||||
if ((masters >> 16) & TZPCDECPROT2_MASK) {
|
* programing the CRMU IPROC address range registers. Up to 4 access
|
||||||
val = (masters >> 16) & TZPCDECPROT2_MASK;
|
* windows can be created
|
||||||
if (ns_bit)
|
*/
|
||||||
write32((void *)TZPC_TZPCDECPROT2SET, val);
|
write32((void *)CRMU_IPROC_ADDR_RANGE0_LOW,
|
||||||
else
|
(CRMU_ADDR_START & CRMU_ADDR_MASK) | CRMU_ADDR_VALID);
|
||||||
write32((void *)TZPC_TZPCDECPROT2CLR, val);
|
write32((void *)CRMU_IPROC_ADDR_RANGE0_HIGH,
|
||||||
|
(CRMU_ADDR_END & CRMU_ADDR_MASK) | CRMU_ADDR_VALID);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void tz_init(void)
|
||||||
|
{
|
||||||
|
/* Configure the Cygnus for non-secure access */
|
||||||
|
/* ARM Cortex A9 SCU NS access configuration */
|
||||||
|
scu_ns_config();
|
||||||
|
|
||||||
|
/* SMAU NS related configurations */
|
||||||
|
smau_ns_config();
|
||||||
|
|
||||||
|
/* CRMU NS related configurations */
|
||||||
|
crmu_ns_config();
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Configure multiple masters and slaves to run in NS
|
||||||
|
*/
|
||||||
|
tz_set_non_virtual_slaves_security(0xFFFFFFFF, TZ_STATE_NON_SECURE);
|
||||||
|
tz_set_periph_security(0xFFFFFFFF, TZ_STATE_NON_SECURE);
|
||||||
|
tz_set_masters_security(0xFFFFFFFF, TZ_STATE_NON_SECURE);
|
||||||
|
tz_set_wrapper_security(0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
|
||||||
|
TZ_STATE_NON_SECURE);
|
||||||
|
tz_set_cfg_slaves_security(0xFFFFFFFF, TZ_STATE_NON_SECURE);
|
||||||
|
|
||||||
|
tz_set_ext_slaves_security(0xFFFFFFFF, TZ_STATE_NON_SECURE);
|
||||||
|
|
||||||
|
/* configure sec peripherals to be accessed from non-secure world */
|
||||||
|
tz_set_sec_periphs_security(0xFFFFFFFF &
|
||||||
|
~(CYGNUS_sec_periph_APBz_sotp |
|
||||||
|
CYGNUS_sec_periph_APBz_tzpc),
|
||||||
|
TZ_STATE_NON_SECURE);
|
||||||
|
|
||||||
|
/* default sram to non-secure */
|
||||||
|
tz_set_sram_sec_region(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*****************************************************************************
|
/*****************************************************************************
|
||||||
|
@ -350,10 +414,6 @@ static void ccu_init(void)
|
||||||
/*****************************************************************************
|
/*****************************************************************************
|
||||||
* LCD
|
* LCD
|
||||||
*****************************************************************************/
|
*****************************************************************************/
|
||||||
#define ASIU_TOP_LCD_AXI_SB_CTRL 0x180aa02c
|
|
||||||
#define ASIU_TOP_LCD_AXI_SB_CTRL_LCD_ARPROT_MASK 0x03800000
|
|
||||||
#define ASIU_TOP_LCD_AXI_SB_CTRL_LCD_HPROT_NON_SECURE 0x40000000
|
|
||||||
|
|
||||||
#define ASIU_TOP_CLK_GATING_CTRL 0x180aa024
|
#define ASIU_TOP_CLK_GATING_CTRL 0x180aa024
|
||||||
#define ASIU_TOP_CLK_GATING_CTRL_LCD_CLK_GATE_EN 0x00000010
|
#define ASIU_TOP_CLK_GATING_CTRL_LCD_CLK_GATE_EN 0x00000010
|
||||||
#define ASIU_TOP_CLK_GATING_CTRL_MIPI_DSI_CLK_GATE_EN 0x00000008
|
#define ASIU_TOP_CLK_GATING_CTRL_MIPI_DSI_CLK_GATE_EN 0x00000008
|
||||||
|
@ -364,12 +424,6 @@ static void lcd_init(void)
|
||||||
{
|
{
|
||||||
unsigned int val;
|
unsigned int val;
|
||||||
|
|
||||||
val = read32((void *)ASIU_TOP_LCD_AXI_SB_CTRL);
|
|
||||||
/* set LCD_ARPROT and LCD_HPROT_NON_SECURE to 0 */
|
|
||||||
val &= ~(ASIU_TOP_LCD_AXI_SB_CTRL_LCD_ARPROT_MASK |
|
|
||||||
ASIU_TOP_LCD_AXI_SB_CTRL_LCD_HPROT_NON_SECURE);
|
|
||||||
write32((void *)ASIU_TOP_LCD_AXI_SB_CTRL, val);
|
|
||||||
|
|
||||||
/* make sure the LCD clock is ungated */
|
/* make sure the LCD clock is ungated */
|
||||||
val = read32((void *)ASIU_TOP_CLK_GATING_CTRL);
|
val = read32((void *)ASIU_TOP_CLK_GATING_CTRL);
|
||||||
val |= ASIU_TOP_CLK_GATING_CTRL_LCD_CLK_GATE_EN;
|
val |= ASIU_TOP_CLK_GATING_CTRL_LCD_CLK_GATE_EN;
|
||||||
|
@ -423,22 +477,10 @@ static void lcd_qos_init(unsigned int qos)
|
||||||
/*****************************************************************************
|
/*****************************************************************************
|
||||||
* V3D
|
* V3D
|
||||||
*****************************************************************************/
|
*****************************************************************************/
|
||||||
#define ASIU_TOP_GFX_AXI_SB_CTRL 0x180aa034
|
|
||||||
#define ASIU_TOP_GFX_AXI_SB_CTRL_GFX_ARPROT_MASK 0x03800000
|
|
||||||
#define ASIU_TOP_GFX_AXI_SB_CTRL_GFX_AWPROT_MASK 0x00700000
|
|
||||||
|
|
||||||
static void v3d_init(void)
|
static void v3d_init(void)
|
||||||
{
|
{
|
||||||
unsigned int val;
|
unsigned int val;
|
||||||
|
|
||||||
val = read32((void *)ASIU_TOP_GFX_AXI_SB_CTRL);
|
|
||||||
/*
|
|
||||||
* set both GFX_ARPROT and GFX_AWPROT to 0
|
|
||||||
*/
|
|
||||||
val &= ~(ASIU_TOP_GFX_AXI_SB_CTRL_GFX_ARPROT_MASK |
|
|
||||||
ASIU_TOP_GFX_AXI_SB_CTRL_GFX_AWPROT_MASK);
|
|
||||||
write32((void *)ASIU_TOP_GFX_AXI_SB_CTRL, val);
|
|
||||||
|
|
||||||
/* make sure the V3D clock is ungated */
|
/* make sure the V3D clock is ungated */
|
||||||
val = read32((void *)ASIU_TOP_CLK_GATING_CTRL);
|
val = read32((void *)ASIU_TOP_CLK_GATING_CTRL);
|
||||||
val |= ASIU_TOP_CLK_GATING_CTRL_MIPI_DSI_CLK_GATE_EN |
|
val |= ASIU_TOP_CLK_GATING_CTRL_MIPI_DSI_CLK_GATE_EN |
|
||||||
|
@ -455,10 +497,6 @@ static void v3d_init(void)
|
||||||
#define CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_PWRON_LDO 0x00000200
|
#define CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_PWRON_LDO 0x00000200
|
||||||
#define CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_ISO_IN 0x00000100
|
#define CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_ISO_IN 0x00000100
|
||||||
|
|
||||||
#define ASIU_TOP_AUD_AXI_SB_CTRL 0x180aa028
|
|
||||||
#define ASIU_TOP_AUD_AXI_SB_CTRL_AUD_ARPROT_MASK 0x03800000
|
|
||||||
#define ASIU_TOP_AUD_AXI_SB_CTRL_AUD_AWPROT_MASK 0x00700000
|
|
||||||
|
|
||||||
static void audio_init(void)
|
static void audio_init(void)
|
||||||
{
|
{
|
||||||
unsigned int val;
|
unsigned int val;
|
||||||
|
@ -475,12 +513,6 @@ static void audio_init(void)
|
||||||
val |= CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_PWRON_PLL;
|
val |= CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_PWRON_PLL;
|
||||||
val &= ~CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_ISO_IN;
|
val &= ~CRMU_PLL_AON_CTRL_ASIU_AUDIO_GENPLL_ISO_IN;
|
||||||
write32((void *)CRMU_PLL_AON_CTRL, val);
|
write32((void *)CRMU_PLL_AON_CTRL, val);
|
||||||
|
|
||||||
/* Clear AWPROT and ARPROT signals to audio block. */
|
|
||||||
val = read32((void *)ASIU_TOP_AUD_AXI_SB_CTRL);
|
|
||||||
val &= ~(ASIU_TOP_AUD_AXI_SB_CTRL_AUD_AWPROT_MASK |
|
|
||||||
ASIU_TOP_AUD_AXI_SB_CTRL_AUD_ARPROT_MASK);
|
|
||||||
write32((void *)ASIU_TOP_AUD_AXI_SB_CTRL, val);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*****************************************************************************
|
/*****************************************************************************
|
||||||
|
@ -707,12 +739,10 @@ static void sdio_init(void)
|
||||||
|
|
||||||
void hw_init(void)
|
void hw_init(void)
|
||||||
{
|
{
|
||||||
tz_set_masters_security(IPROC_M_PCIE | IPROC_M_EXT | IPROC_M_SDIO |
|
tz_init();
|
||||||
IPROC_M_AMAC | IPROC_M_USB | IPROC_M_CMICD,
|
|
||||||
TZ_STATE_SECURE);
|
|
||||||
printk(BIOS_INFO, "trustzone initialized\n");
|
printk(BIOS_INFO, "trustzone initialized\n");
|
||||||
dmac_init();
|
dmac_init();
|
||||||
printk(BIOS_INFO, "PL022 DMAC initialized\n");
|
printk(BIOS_INFO, "PL330 DMAC initialized\n");
|
||||||
lcd_init();
|
lcd_init();
|
||||||
lcd_qos_init(15);
|
lcd_qos_init(15);
|
||||||
printk(BIOS_INFO, "LCD initialized\n");
|
printk(BIOS_INFO, "LCD initialized\n");
|
||||||
|
|
|
@ -0,0 +1,226 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2015 Broadcom Corporation
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; version 2 of the License.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef __SOC_BROADCOM_CYGNUS_TZ_H__
|
||||||
|
#define __SOC_BROADCOM_CYGNUS_TZ_H__
|
||||||
|
|
||||||
|
#define TZ_STATE_SECURE 0
|
||||||
|
#define TZ_STATE_NON_SECURE 1
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Masters (for parameter masters in "tz_set_masters_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_M_Pcie0_m0 0x00000003
|
||||||
|
#define CYGNUS_M_Pcie1_m0 0x0000000c
|
||||||
|
#define CYGNUS_M_cmicd_m0 0x00000030
|
||||||
|
#define CYGNUS_M_ext_m0 0x000000c0
|
||||||
|
|
||||||
|
#define CYGNUS_M_ext_m1 (0x00000003 << 8)
|
||||||
|
#define CYGNUS_M_sdio_m0 (0x0000000c << 8)
|
||||||
|
#define CYGNUS_M_sdio_m1 (0x00000030 << 8)
|
||||||
|
#define CYGNUS_M_amac_m0 (0x000000c0 << 8)
|
||||||
|
|
||||||
|
#define CYGNUS_M_amac_m1 (0x00000003 << 16)
|
||||||
|
#define CYGNUS_M_usb2h_m0 (0x0000000c << 16)
|
||||||
|
#define CYGNUS_M_usb2d_m0 (0x00000030 << 16)
|
||||||
|
#define CYGNUS_M_a9jtag_m0 (0x000000c0 << 16)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Non virtual slaves (for parameter slave_vector in "tz_set_non_virtual_slaves_security")
|
||||||
|
* Note: the order has to match the order in non_virtual_slave_regs[] array from tz.c
|
||||||
|
*/
|
||||||
|
#define CYGNUS_S_Ihost_acp (0x1 << 0)
|
||||||
|
#define CYGNUS_S_PCIe0_s0 (0x1 << 1)
|
||||||
|
#define CYGNUS_S_PCIe1_s0 (0x1 << 2)
|
||||||
|
#define CYGNUS_S_ihost_s0 (0x1 << 3)
|
||||||
|
#define CYGNUS_S_A9jtag_s0 (0x1 << 4)
|
||||||
|
#define CYGNUS_S_CMICd_s0 (0x1 << 5)
|
||||||
|
#define CYGNUS_S_mhost0_s0 (0x1 << 6)
|
||||||
|
#define CYGNUS_S_mhost1_s0 (0x1 << 7)
|
||||||
|
#define CYGNUS_S_Crypto_s0 (0x1 << 8)
|
||||||
|
#define CYGNUS_S_DMU_s0 (0x1 << 9)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Peripherals (for parameter slave_vector in "tz_set_periph_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_periph_APBx_DMU 0x00008000
|
||||||
|
#define CYGNUS_periph_APBx_cru 0x00004000
|
||||||
|
#define CYGNUS_periph_APBx_ccg_smbus1 0x00000800
|
||||||
|
#define CYGNUS_periph_APBx_ccg_gpio 0x00000400
|
||||||
|
#define CYGNUS_periph_APBx_ccg_watchdog 0x00000200
|
||||||
|
#define CYGNUS_periph_APBx_ccg_smbus0 0x00000100
|
||||||
|
#define CYGNUS_periph_APBx_ccg_srab 0x00000080
|
||||||
|
#define CYGNUS_periph_APBx_ccg_timer3 0x00000040
|
||||||
|
#define CYGNUS_periph_APBx_ccg_timer2 0x00000020
|
||||||
|
#define CYGNUS_periph_APBx_ccg_timer1 0x00000010
|
||||||
|
#define CYGNUS_periph_APBx_ccg_timer0 0x00000008
|
||||||
|
#define CYGNUS_periph_APBx_ccg_mdio 0x00000004
|
||||||
|
#define CYGNUS_periph_APBx_ccg_pwm 0x00000002
|
||||||
|
#define CYGNUS_periph_APBx_icfg 0x00000001
|
||||||
|
|
||||||
|
#define CYGNUS_periph_APBy_ccg_spi5 (0x00002000 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_spi4 (0x00001000 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_spi3 (0x00000800 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_spi2 (0x00000400 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_spi1 (0x00000200 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_spi0 (0x00000100 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_uart4 (0x00000010 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_uart3 (0x00000008 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_uart2 (0x00000004 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_uart1 (0x00000002 << 16)
|
||||||
|
#define CYGNUS_periph_APBy_ccg_uart0 (0x00000001 << 16)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sececure Peripherals (for parameter slave_vector in "tz_set_sec_periphs_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_sec_periph_APBz_sotp 0x00000020
|
||||||
|
#define CYGNUS_sec_periph_APBz_tzpc 0x00000010
|
||||||
|
#define CYGNUS_sec_periph_APBz_ccg_wdog 0x00000008
|
||||||
|
#define CYGNUS_sec_periph_APBz_ccs_rng 0x00000004
|
||||||
|
#define CYGNUS_sec_periph_APBz_ccs_pka 0x00000002
|
||||||
|
#define CYGNUS_sec_periph_APBz_ccs_gpio 0x00000001
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Cfg Slaves (for parameter slave_vector in "tz_set_cfg_slaves_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_cfg_slv_APBr_mhost0 0x00004000
|
||||||
|
#define CYGNUS_cfg_slv_APBr_dma_s1 0x00000200
|
||||||
|
#define CYGNUS_cfg_slv_APBr_dma_s0 0x00000100
|
||||||
|
#define CYGNUS_cfg_slv_APBr_acpal 0x00000040
|
||||||
|
#define CYGNUS_cfg_slv_APBr_smau 0x00000020
|
||||||
|
#define CYGNUS_cfg_slv_APBr_pcie1 0x00000008
|
||||||
|
#define CYGNUS_cfg_slv_APBr_pcie0 0x00000004
|
||||||
|
#define CYGNUS_cfg_slv_APBr_ddr 0x00000001
|
||||||
|
|
||||||
|
#define CYGNUS_cfg_slv_APBs_sram (0x00004000 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_usb2d (0x00001000 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_amac1 (0x00000400 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_usb2h_apb2 (0x00000200 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_usb2h_apb1 (0x00000100 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_qspi (0x00000080 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_nand (0x00000040 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_nor (0x00000020 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_sdio1 (0x00000008 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_amac0 (0x00000004 << 16)
|
||||||
|
#define CYGNUS_cfg_slv_APBs_sdio0 (0x00000002 << 16)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Wrapper1 (for parameter wrapper1 in "tz_set_wrapper_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_ihost_m0 0x00000001
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_pcie0_m0 0x00000002
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_pcie1_m0 0x00000004
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_cmicd_m0 0x00000008
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_mhost0_m0 0x00000010
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_mhost1_m0 0x00000020
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_ihost_acp 0x00000040
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_ihost_s0 0x00000080
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_pcie0_s0 0x00000100
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_pcie1_s0 0x00000200
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_cmicd_s0 0x00000400
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_smau_s0 0x00000800
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_mhost0_s0 0x00001000
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_mhost1_s0 0x00002000
|
||||||
|
#define CYGNUS_APB_W1_wrp_slave_apbr 0x00004000
|
||||||
|
#define CYGNUS_APB_W1_wrp_master_dma_m0 0x00008000
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Wrapper2 (for parameter wrapper2 in "tz_set_wrapper_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_APB_W2_wrp_ds_ds_2 0x00000008
|
||||||
|
#define CYGNUS_APB_W2_sdrom 0x00000004
|
||||||
|
#define CYGNUS_APB_W2_wrp_ds_ds_1 0x00000002
|
||||||
|
#define CYGNUS_APB_W2_wrp_ds_ds_0 0x00000001
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Wrapper3 (for parameter wrapper3 in "tz_set_wrapper_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_amac_m1 0x00002000
|
||||||
|
#define CYGNUS_APB_W3_wrp_ds_ds_3 0x00001000
|
||||||
|
#define CYGNUS_APB_W3_wrp_slave_apbs 0x00000800
|
||||||
|
#define CYGNUS_APB_W3_wrp_slave_sram_s0 0x00000400
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_sdio_m1 0x00000200
|
||||||
|
#define CYGNUS_APB_W3_wrp_slave_a9jtag_s0 0x00000100
|
||||||
|
#define CYGNUS_APB_W3_wrp_slave_crypto_s0 0x00000080
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_usb2h_m0 0x00000040
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_a9jtag_m0 0x00000020
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_ext_m1 0x00000010
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_sdio_m0 0x00000008
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_ext_m0 0x00000004
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_usb2d_m0 0x00000002
|
||||||
|
#define CYGNUS_APB_W3_wrp_master_amac_m0 0x00000001
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Wrapper4 (for parameter wrapper4 in "tz_set_wrapper_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_APB_W4_wrp_slave_ext_s1 0x00000040
|
||||||
|
#define CYGNUS_APB_W4_wrp_slave_dmu_s0 0x00000020
|
||||||
|
#define CYGNUS_APB_W4_wrp_slave_ext_s0 0x00000010
|
||||||
|
#define CYGNUS_APB_W4_wrp_master_dmu_m0 0x00000008
|
||||||
|
#define CYGNUS_APB_W4_wrp_slave_apbz 0x00000004
|
||||||
|
#define CYGNUS_APB_W4_wrp_slave_apby 0x00000002
|
||||||
|
#define CYGNUS_APB_W4_wrp_slave_apbx 0x00000001
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Ext Slaves (for parameter slave_vector in "tz_set_ext_slaves_security")
|
||||||
|
*/
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_0 0x00000001 /* LCD */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_1 0x00000002 /* Camera */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_2 0x00000004
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_3 0x00000008 /* Smartcard */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_4 0x00000010 /* S-GPIO */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_5 0x00000020 /* GPIO */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_6 0x00000040 /* ADC_APB */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_7 0x00000080
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_8 0x00000100 /* GFX_S0 */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_9 0x00000200 /* MIPI */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_10 0x00000400 /* ASIU_TOP */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_11 0x00000800 /* D1W */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_12 0x00001000 /* Keypad */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_13 0x00002000 /* Keypad */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_14 0x00004000 /* Audio */
|
||||||
|
#define CYGNUS_AXIIC_ext_s0_slave_15 0x00008000
|
||||||
|
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_0 (0x00000001 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_1 (0x00000002 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_2 (0x00000004 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_3 (0x00000008 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_4 (0x00000010 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_5 (0x00000020 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_6 (0x00000040 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_7 (0x00000080 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_8 (0x00000100 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_9 (0x00000200 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_10 (0x00000400 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_11 (0x00000800 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_12 (0x00001000 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_13 (0x00002000 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_14 (0x00004000 << 16)
|
||||||
|
#define CYGNUS_AXIIC_ext_s1_slave_15 (0x00008000 << 16)
|
||||||
|
|
||||||
|
void tz_set_masters_security(uint32_t masters, uint32_t ns_bit);
|
||||||
|
void tz_set_wrapper_security(uint32_t wrapper1, uint32_t wrapper2,
|
||||||
|
uint32_t wrapper3, uint32_t wrapper4,
|
||||||
|
uint32_t ns_bit);
|
||||||
|
void tz_set_cfg_slaves_security(uint32_t slave_vector, uint32_t ns_bit);
|
||||||
|
void tz_set_sec_periphs_security(uint32_t slave_vector, uint32_t ns_bit);
|
||||||
|
void tz_set_periph_security(uint32_t slave_vector, uint32_t ns_bit);
|
||||||
|
void tz_set_non_virtual_slaves_security(uint32_t slave_vector, uint32_t ns_bit);
|
||||||
|
void tz_set_sram_sec_region(uint32_t r0size);
|
||||||
|
void tz_set_ext_slaves_security(uint32_t slave_vector, uint32_t ns_bit);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,287 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2015 Broadcom Corporation
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; version 2 of the License.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <arch/io.h>
|
||||||
|
#include <soc/tz.h>
|
||||||
|
|
||||||
|
#define TZPC_TZPCR0SIZE 0x18034000
|
||||||
|
#define TZPC_TZPCR0SIZE_MASK 0x000003ff
|
||||||
|
|
||||||
|
#define TZPC_TZPCDECPROT0SET 0x18034804
|
||||||
|
#define TZPC_TZPCDECPROT0CLR 0x18034808
|
||||||
|
#define TZPC_TZPCDECPROT1SET 0x18034810
|
||||||
|
#define TZPC_TZPCDECPROT1CLR 0x18034814
|
||||||
|
#define TZPC_TZPCDECPROT2SET 0x1803481c
|
||||||
|
#define TZPC_TZPCDECPROT2CLR 0x18034820
|
||||||
|
|
||||||
|
#define TZPCDECPROT0_MASK 0x000000FF
|
||||||
|
#define TZPCDECPROT1_MASK 0x000000FF
|
||||||
|
#define TZPCDECPROT2_MASK 0x000000FF
|
||||||
|
|
||||||
|
#define AXIIC_Ihost_acp_security 0x1a000008
|
||||||
|
#define AXIIC_PCIe0_s0_security 0x1a000010
|
||||||
|
#define AXIIC_PCIe1_s0_security 0x1a000014
|
||||||
|
#define AXIIC_APBY_s0_security 0x1a00002c
|
||||||
|
#define AXIIC_APBZ_s0_security 0x1a000030
|
||||||
|
#define AXIIC_APBX_s0_security 0x1a000034
|
||||||
|
#define AXIIC_ihost_s0_security 0x1a000038
|
||||||
|
#define AXIIC_A9jtag_s0_security 0x1a00003c
|
||||||
|
#define AXIIC_APB_W1_security 0x1a000040
|
||||||
|
#define AXIIC_APB_W2_security 0x1a000044
|
||||||
|
#define AXIIC_APB_W3_security 0x1a000048
|
||||||
|
#define AXIIC_APB_W4_security 0x1a00004c
|
||||||
|
#define AXIIC_APBR_s0_security 0x1a00006c
|
||||||
|
#define AXIIC_APBS_s0_security 0x1a000070
|
||||||
|
#define AXIIC_CMICd_s0_security 0x1a000074
|
||||||
|
#define AXIIC_mhost0_s0_security 0x1a000078
|
||||||
|
#define AXIIC_mhost1_s0_security 0x1a00007c
|
||||||
|
#define AXIIC_Crypto_s0_security 0x1a000080
|
||||||
|
#define AXIIC_DMU_s0_security 0x1a000084
|
||||||
|
#define AXIIC_ext_s0_security 0x1a000088
|
||||||
|
#define AXIIC_ext_s1_security 0x1a00008c
|
||||||
|
|
||||||
|
#define AXIIC_APBY_s0_security_MASK 0x00003f1f
|
||||||
|
#define AXIIC_APBZ_s0_security_MASK 0x0000003f
|
||||||
|
#define AXIIC_APBX_s0_security_MASK 0x0000cfff
|
||||||
|
#define AXIIC_ext_s0_security_MASK 0xffffffff
|
||||||
|
#define AXIIC_ext_s1_security_MASK 0xffffffff
|
||||||
|
#define AXIIC_APBR_s0_security_MASK 0x0000436d
|
||||||
|
#define AXIIC_APBS_s0_security_MASK 0x000057ee
|
||||||
|
#define AXIIC_APB_W1_security_MASK 0x0000ffff
|
||||||
|
#define AXIIC_APB_W2_security_MASK 0x0000000f
|
||||||
|
#define AXIIC_APB_W3_security_MASK 0x00003fff
|
||||||
|
#define AXIIC_APB_W4_security_MASK 0x0000007f
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Note: the order need to match corresponding definitions for
|
||||||
|
* non virtual slave slave_vector in tz.h
|
||||||
|
*/
|
||||||
|
static uint32_t non_virtual_slave_regs[] = {
|
||||||
|
AXIIC_Ihost_acp_security,
|
||||||
|
AXIIC_PCIe0_s0_security,
|
||||||
|
AXIIC_PCIe1_s0_security,
|
||||||
|
AXIIC_ihost_s0_security,
|
||||||
|
AXIIC_A9jtag_s0_security,
|
||||||
|
AXIIC_CMICd_s0_security,
|
||||||
|
AXIIC_mhost0_s0_security,
|
||||||
|
AXIIC_mhost1_s0_security,
|
||||||
|
AXIIC_Crypto_s0_security,
|
||||||
|
AXIIC_DMU_s0_security
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set master security.
|
||||||
|
* Use defines in tz.h for both parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_masters_security(uint32_t masters, uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t val;
|
||||||
|
|
||||||
|
/* Check any TZPCDECPROT0 is set and then write to TZPCDECPROT0 */
|
||||||
|
if (masters & TZPCDECPROT0_MASK) {
|
||||||
|
val = masters & TZPCDECPROT0_MASK;
|
||||||
|
if (ns_bit)
|
||||||
|
write32((void *)TZPC_TZPCDECPROT0SET, val);
|
||||||
|
else
|
||||||
|
write32((void *)TZPC_TZPCDECPROT0CLR, val);
|
||||||
|
}
|
||||||
|
/* Check any TZPCDECPROT1 is set and then write to TZPCDECPROT1 */
|
||||||
|
if ((masters >> 8) & TZPCDECPROT1_MASK) {
|
||||||
|
val = (masters >> 8) & TZPCDECPROT1_MASK;
|
||||||
|
if (ns_bit)
|
||||||
|
write32((void *)TZPC_TZPCDECPROT1SET, val);
|
||||||
|
else
|
||||||
|
write32((void *)TZPC_TZPCDECPROT1CLR, val);
|
||||||
|
}
|
||||||
|
/* Check any TZPCDECPROT2 is set and then write to TZPCDECPROT2 */
|
||||||
|
if ((masters >> 16) & TZPCDECPROT2_MASK) {
|
||||||
|
val = (masters >> 16) & TZPCDECPROT2_MASK;
|
||||||
|
if (ns_bit)
|
||||||
|
write32((void *)TZPC_TZPCDECPROT2SET, val);
|
||||||
|
else
|
||||||
|
write32((void *)TZPC_TZPCDECPROT2CLR, val);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set non virtual slave security.
|
||||||
|
* Use defines in tz.h for both parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_non_virtual_slaves_security(uint32_t slave_vector, uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t i;
|
||||||
|
uint32_t total = sizeof(non_virtual_slave_regs) /
|
||||||
|
sizeof(non_virtual_slave_regs[0]);
|
||||||
|
uint32_t mask = ~(0xffffffff << total);
|
||||||
|
|
||||||
|
ns_bit &= 0x1;
|
||||||
|
slave_vector = slave_vector & mask;
|
||||||
|
for (i = 0; i < total; i++) {
|
||||||
|
if (slave_vector & (0x1 << i))
|
||||||
|
write32((void *)(non_virtual_slave_regs[i]), ns_bit);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set peripheral security.
|
||||||
|
* Use defines in tz.h for both parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_periph_security(uint32_t slave_vector, uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t val;
|
||||||
|
uint32_t mask_x = AXIIC_APBX_s0_security_MASK;
|
||||||
|
uint32_t mask_y = AXIIC_APBY_s0_security_MASK;
|
||||||
|
uint32_t tz_periphs_sec_status =
|
||||||
|
(mask_x & read32((void *)AXIIC_APBX_s0_security)) |
|
||||||
|
((mask_y & read32((void *)AXIIC_APBY_s0_security)) << 16);
|
||||||
|
|
||||||
|
if (ns_bit == TZ_STATE_SECURE)
|
||||||
|
tz_periphs_sec_status &= ~slave_vector;
|
||||||
|
else
|
||||||
|
tz_periphs_sec_status |= slave_vector;
|
||||||
|
|
||||||
|
val = tz_periphs_sec_status & mask_x;
|
||||||
|
write32((void *)AXIIC_APBX_s0_security, val);
|
||||||
|
|
||||||
|
val = (tz_periphs_sec_status >> 16) & mask_y;
|
||||||
|
write32((void *)AXIIC_APBY_s0_security, val);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set sec peripheral security.
|
||||||
|
* Use defines in tz.h for both parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_sec_periphs_security(uint32_t slave_vector, uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t val;
|
||||||
|
uint32_t mask = AXIIC_APBZ_s0_security_MASK;
|
||||||
|
uint32_t tz_sec_periphs_sec_status =
|
||||||
|
read32((void *)AXIIC_APBZ_s0_security);
|
||||||
|
|
||||||
|
if (ns_bit == TZ_STATE_SECURE)
|
||||||
|
tz_sec_periphs_sec_status &= ~slave_vector;
|
||||||
|
else
|
||||||
|
tz_sec_periphs_sec_status |= slave_vector;
|
||||||
|
|
||||||
|
val = tz_sec_periphs_sec_status & mask;
|
||||||
|
write32((void *)AXIIC_APBZ_s0_security, val);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set external slave security.
|
||||||
|
* Use defines in tz.h for both parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_ext_slaves_security(uint32_t slave_vector, uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t val;
|
||||||
|
uint32_t mask_s0 = AXIIC_ext_s0_security_MASK;
|
||||||
|
uint32_t mask_s1 = AXIIC_ext_s1_security_MASK;
|
||||||
|
uint32_t tz_ext_slaves_sec_status =
|
||||||
|
(mask_s0 & read32((void *)AXIIC_ext_s0_security)) |
|
||||||
|
((mask_s1 & read32((void *)AXIIC_ext_s0_security)) << 16);
|
||||||
|
|
||||||
|
if (ns_bit == TZ_STATE_SECURE)
|
||||||
|
tz_ext_slaves_sec_status &= ~slave_vector;
|
||||||
|
else
|
||||||
|
tz_ext_slaves_sec_status |= slave_vector;
|
||||||
|
|
||||||
|
val = tz_ext_slaves_sec_status & mask_s0;
|
||||||
|
write32((void *)AXIIC_ext_s0_security, val);
|
||||||
|
|
||||||
|
val = (tz_ext_slaves_sec_status >> 16) & mask_s1;
|
||||||
|
write32((void *)AXIIC_ext_s1_security, val);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set cfg slave security
|
||||||
|
* Use defines in tz.h for both parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_cfg_slaves_security(uint32_t slave_vector, uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t val;
|
||||||
|
uint32_t mask_r = AXIIC_APBR_s0_security_MASK;
|
||||||
|
uint32_t mask_s = AXIIC_APBS_s0_security_MASK;
|
||||||
|
uint32_t tz_cfg_slaves_sec_status =
|
||||||
|
(mask_r & read32((void *)AXIIC_APBR_s0_security)) |
|
||||||
|
((mask_s & read32((void *)AXIIC_APBS_s0_security)) << 16);
|
||||||
|
|
||||||
|
if (ns_bit == TZ_STATE_SECURE)
|
||||||
|
tz_cfg_slaves_sec_status &= ~slave_vector;
|
||||||
|
else
|
||||||
|
tz_cfg_slaves_sec_status |= slave_vector;
|
||||||
|
|
||||||
|
val = tz_cfg_slaves_sec_status & mask_r;
|
||||||
|
write32((void *)AXIIC_APBR_s0_security, val);
|
||||||
|
|
||||||
|
val = (tz_cfg_slaves_sec_status >> 16) & mask_s;
|
||||||
|
write32((void *)AXIIC_APBS_s0_security, val);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set SRAM secure region
|
||||||
|
* parameter 'r0size' specify the secure RAM region in 4KB steps:
|
||||||
|
* 0x00000000 = no secure region
|
||||||
|
* 0x00000001 = 4KB secure region
|
||||||
|
* 0x00000002 = 8KB secure region
|
||||||
|
* .......
|
||||||
|
* 0x000001FF = 2044KB secure region.
|
||||||
|
* 0x00000200 or above sets the entire SRAM to secure regardless of size
|
||||||
|
*/
|
||||||
|
void tz_set_sram_sec_region(uint32_t r0size)
|
||||||
|
{
|
||||||
|
uint32_t mask = TZPC_TZPCR0SIZE_MASK;
|
||||||
|
|
||||||
|
write32((void *)TZPC_TZPCR0SIZE, r0size & mask);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set wrapper security
|
||||||
|
* Use defines in tz.h for all parameters.
|
||||||
|
*/
|
||||||
|
void tz_set_wrapper_security(uint32_t wrapper1, uint32_t wrapper2,
|
||||||
|
uint32_t wrapper3, uint32_t wrapper4,
|
||||||
|
uint32_t ns_bit)
|
||||||
|
{
|
||||||
|
uint32_t mask_w4 = AXIIC_APB_W4_security_MASK;
|
||||||
|
uint32_t mask_w3 = AXIIC_APB_W3_security_MASK;
|
||||||
|
uint32_t mask_w2 = AXIIC_APB_W2_security_MASK;
|
||||||
|
uint32_t mask_w1 = AXIIC_APB_W1_security_MASK;
|
||||||
|
uint32_t tz_wrapper1_sec_status = read32((void *)AXIIC_APB_W1_security);
|
||||||
|
uint32_t tz_wrapper2_sec_status = read32((void *)AXIIC_APB_W2_security);
|
||||||
|
uint32_t tz_wrapper3_sec_status = read32((void *)AXIIC_APB_W3_security);
|
||||||
|
uint32_t tz_wrapper4_sec_status = read32((void *)AXIIC_APB_W4_security);
|
||||||
|
|
||||||
|
if (ns_bit == TZ_STATE_SECURE) {
|
||||||
|
tz_wrapper1_sec_status &= ~wrapper1;
|
||||||
|
tz_wrapper2_sec_status &= ~wrapper2;
|
||||||
|
tz_wrapper3_sec_status &= ~wrapper3;
|
||||||
|
tz_wrapper4_sec_status &= ~wrapper4;
|
||||||
|
} else {
|
||||||
|
tz_wrapper1_sec_status |= wrapper1;
|
||||||
|
tz_wrapper2_sec_status |= wrapper2;
|
||||||
|
tz_wrapper3_sec_status |= wrapper3;
|
||||||
|
tz_wrapper4_sec_status |= wrapper4;
|
||||||
|
}
|
||||||
|
write32((void *)AXIIC_APB_W1_security,
|
||||||
|
tz_wrapper1_sec_status & mask_w1);
|
||||||
|
write32((void *)AXIIC_APB_W2_security,
|
||||||
|
tz_wrapper2_sec_status & mask_w2);
|
||||||
|
write32((void *)AXIIC_APB_W3_security,
|
||||||
|
tz_wrapper3_sec_status & mask_w3);
|
||||||
|
write32((void *)AXIIC_APB_W4_security,
|
||||||
|
tz_wrapper4_sec_status & mask_w4);
|
||||||
|
}
|
Loading…
Reference in New Issue