soc/mediatek/mt8188: devapc: Set master domains
Currently, all the masters controlled by DAPC are in domain 0. With this setting, there is a potential security problem. For example, if a certain master is somehow hacked, it may attempt to access registers that it is not supposed to, with successful results. This is due to the fact that, in the current setting, all masters are in domain 0 and can access almost all registers. To prevent this problem, we assign masters to different domains and restrict access to registers based on each domain. This patch sets domains for masters: SSPM - domain 3 CPUEB - domain 14 PCIE0 - domain 2 SPM - domain 9 Change-Id: Ie3e1d5055e72824257b66d6257982652eeb05953 Signed-off-by: Nina Wu <nina-cm.wu@mediatek.com> Signed-off-by: Jason Chen <Jason-ch.Chen@mediatek.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/77862 Reviewed-by: Yu-Ping Wu <yupingso@google.com> Reviewed-by: Yidi Lin <yidilin@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
parent
244ec489f2
commit
95a3c79d55
|
@ -1636,6 +1636,11 @@ static void infra_init(uintptr_t base)
|
||||||
SET32_BITFIELDS(getreg(base, MAS_SEC_0), CPU_EB_SEC, SECURE_TRANS);
|
SET32_BITFIELDS(getreg(base, MAS_SEC_0), CPU_EB_SEC, SECURE_TRANS);
|
||||||
SET32_BITFIELDS(getreg(base, MAS_SEC_0), SCP_SSPM_SEC, SECURE_TRANS);
|
SET32_BITFIELDS(getreg(base, MAS_SEC_0), SCP_SSPM_SEC, SECURE_TRANS);
|
||||||
|
|
||||||
|
/* Master Domain */
|
||||||
|
SET32_BITFIELDS(getreg(base, MAS_DOM_0),
|
||||||
|
SCP_SSPM_DOM, DOMAIN_3,
|
||||||
|
CPU_EB_DOM, DOMAIN_14);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Domain Remap: INFRA (4-bit) -> MMSYS (2-bit)
|
* Domain Remap: INFRA (4-bit) -> MMSYS (2-bit)
|
||||||
* domain 0 -> domain 0
|
* domain 0 -> domain 0
|
||||||
|
@ -1670,6 +1675,9 @@ static void peri_init(uintptr_t base)
|
||||||
/* Default APC setting */
|
/* Default APC setting */
|
||||||
set_peri_ao_apc(base);
|
set_peri_ao_apc(base);
|
||||||
|
|
||||||
|
/* Master Domain */
|
||||||
|
SET32_BITFIELDS(getreg(base, MAS_DOM_0), SPM_DOM, DOMAIN_9);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Domain Remap: INFRA (4-bit) -> TINYSYS (3-bit)
|
* Domain Remap: INFRA (4-bit) -> TINYSYS (3-bit)
|
||||||
* domain 0 -> domain 0
|
* domain 0 -> domain 0
|
||||||
|
@ -1694,6 +1702,11 @@ static void peri_par_init(uintptr_t base)
|
||||||
{
|
{
|
||||||
/* Default APC setting */
|
/* Default APC setting */
|
||||||
set_peri_par_ao_apc(base);
|
set_peri_par_ao_apc(base);
|
||||||
|
|
||||||
|
/* Master Domain */
|
||||||
|
SET32_BITFIELDS(getreg_domain(base, MAS_DOM_0, 0, 4),
|
||||||
|
PCIE0_DOM, DOMAIN_2);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void fmem_master_init(uintptr_t base)
|
static void fmem_master_init(uintptr_t base)
|
||||||
|
|
|
@ -59,4 +59,13 @@ enum devapc_cfg_index {
|
||||||
DEFINE_BIT(CPU_EB_SEC, 1)
|
DEFINE_BIT(CPU_EB_SEC, 1)
|
||||||
DEFINE_BIT(SCP_SSPM_SEC, 2)
|
DEFINE_BIT(SCP_SSPM_SEC, 2)
|
||||||
|
|
||||||
|
DEFINE_BITFIELD(CPU_EB_DOM, 11, 8) /* 1 */
|
||||||
|
DEFINE_BITFIELD(SCP_SSPM_DOM, 19, 16) /* 2 */
|
||||||
|
|
||||||
|
/* PERI */
|
||||||
|
DEFINE_BITFIELD(SPM_DOM, 3, 0) /* 0 */
|
||||||
|
|
||||||
|
/* PERI_PAR */
|
||||||
|
DEFINE_BITFIELD(PCIE0_DOM, 27, 24) /* 19 */
|
||||||
|
|
||||||
#endif /* SOC_MEDIATEK_MT8188_DEVAPC_H */
|
#endif /* SOC_MEDIATEK_MT8188_DEVAPC_H */
|
||||||
|
|
Loading…
Reference in New Issue