aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAditya Angadi <aditya.angadi@arm.com>2021-02-17 18:46:22 +0530
committerThomas Abraham <thomas.abraham@arm.com>2021-03-29 21:36:48 +0530
commitf97b57950203fd1deb01dfb77e8b0edcd6a30799 (patch)
tree32a666532d4fc74fcd96a032b998258c31ee1558
parent21803491175d6be209a5b9db7b8d27f8174cd111 (diff)
downloadtrusted-firmware-a-f97b57950203fd1deb01dfb77e8b0edcd6a30799.tar.gz
board/rdv1mc: initialize tzc400 controllers
A TZC400 controller is placed inline on DRAM channels and regulates the secure and non-secure accesses to both secure and non-secure regions of the DRAM memory. Configure each of the TZC controllers across the Chips. For use by secure software, configure the first chip's trustzone controller to protect the upper 16MB of the memory of the first DRAM block for secure accesses only. The other regions are configured for non-secure read write access. For all the remote chips, all the DRAM regions are allowed for non-secure read and write access. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: I809f27eccadfc23ea0ef64e2fd87f95eb8f195c1
-rw-r--r--plat/arm/board/rdv1mc/include/platform_def.h25
-rw-r--r--plat/arm/board/rdv1mc/platform.mk4
-rw-r--r--plat/arm/board/rdv1mc/rdv1mc_security.c56
3 files changed, 82 insertions, 3 deletions
diff --git a/plat/arm/board/rdv1mc/include/platform_def.h b/plat/arm/board/rdv1mc/include/platform_def.h
index 112b2102ba..12ce8063a0 100644
--- a/plat/arm/board/rdv1mc/include/platform_def.h
+++ b/plat/arm/board/rdv1mc/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,6 +20,29 @@
#define CSS_SYSTEM_PWR_DMN_LVL ARM_PWR_LVL2
#define PLAT_MAX_PWR_LVL ARM_PWR_LVL1
+/* TZC Related Constants */
+#define PLAT_ARM_TZC_BASE UL(0x21830000)
+#define TZC400_BASE(n) (PLAT_ARM_TZC_BASE + \
+ (n * TZC400_OFFSET))
+#define TZC400_OFFSET UL(0x1000000)
+#define TZC400_COUNT U(8)
+#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT(0)
+
+#define TZC_NSAID_ALL_AP U(0)
+#define TZC_NSAID_PCI U(1)
+#define TZC_NSAID_HDLCD0 U(2)
+#define TZC_NSAID_CLCD U(7)
+#define TZC_NSAID_AP U(9)
+#define TZC_NSAID_VIRTIO U(15)
+
+#define PLAT_ARM_TZC_NS_DEV_ACCESS \
+ (TZC_REGION_ACCESS_RDWR(TZC_NSAID_ALL_AP)) | \
+ (TZC_REGION_ACCESS_RDWR(TZC_NSAID_HDLCD0)) | \
+ (TZC_REGION_ACCESS_RDWR(TZC_NSAID_PCI)) | \
+ (TZC_REGION_ACCESS_RDWR(TZC_NSAID_AP)) | \
+ (TZC_REGION_ACCESS_RDWR(TZC_NSAID_CLCD)) | \
+ (TZC_REGION_ACCESS_RDWR(TZC_NSAID_VIRTIO))
+
/* Virtual address used by dynamic mem_protect for chunk_base */
#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xC0000000)
diff --git a/plat/arm/board/rdv1mc/platform.mk b/plat/arm/board/rdv1mc/platform.mk
index 50728416ae..fb057936ad 100644
--- a/plat/arm/board/rdv1mc/platform.mk
+++ b/plat/arm/board/rdv1mc/platform.mk
@@ -1,4 +1,4 @@
-# Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -23,6 +23,8 @@ BL1_SOURCES += ${SGI_CPU_SOURCES} \
BL2_SOURCES += ${RDV1MC_BASE}/rdv1mc_plat.c \
${RDV1MC_BASE}/rdv1mc_security.c \
${RDV1MC_BASE}/rdv1mc_err.c \
+ drivers/arm/tzc/tzc400.c \
+ plat/arm/common/arm_tzc400.c \
lib/utils/mem_region.c \
plat/arm/common/arm_nor_psci_mem_protect.c
diff --git a/plat/arm/board/rdv1mc/rdv1mc_security.c b/plat/arm/board/rdv1mc/rdv1mc_security.c
index 541f800a84..adc0bf816c 100644
--- a/plat/arm/board/rdv1mc/rdv1mc_security.c
+++ b/plat/arm/board/rdv1mc/rdv1mc_security.c
@@ -1,10 +1,64 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <common/debug.h>
+#include <plat/arm/common/plat_arm.h>
+#include <platform_def.h>
+
+/* TZC memory regions for the first chip */
+static const arm_tzc_regions_info_t tzc_regions[] = {
+ ARM_TZC_REGIONS_DEF,
+ {}
+};
+
+#if CSS_SGI_CHIP_COUNT > 1
+static const arm_tzc_regions_info_t tzc_regions_mc[][CSS_SGI_CHIP_COUNT - 1] = {
+ {
+ /* TZC memory regions for second chip */
+ SGI_PLAT_TZC_NS_REMOTE_REGIONS_DEF(1),
+ {}
+ },
+#if CSS_SGI_CHIP_COUNT > 2
+ {
+ /* TZC memory regions for third chip */
+ SGI_PLAT_TZC_NS_REMOTE_REGIONS_DEF(2),
+ {}
+ },
+#endif
+#if CSS_SGI_CHIP_COUNT > 3
+ {
+ /* TZC memory regions for fourth chip */
+ SGI_PLAT_TZC_NS_REMOTE_REGIONS_DEF(3),
+ {}
+ },
+#endif
+};
+#endif /* CSS_SGI_CHIP_COUNT */
+
/* Initialize the secure environment */
void plat_arm_security_setup(void)
{
+ unsigned int i;
+
+ INFO("Configuring TrustZone Controller for Chip 0\n");
+
+ for (i = 0; i < TZC400_COUNT; i++) {
+ arm_tzc400_setup(TZC400_BASE(i), tzc_regions);
+ }
+
+#if CSS_SGI_CHIP_COUNT > 1
+ unsigned int j;
+
+ for (i = 1; i < CSS_SGI_CHIP_COUNT; i++) {
+ INFO("Configuring TrustZone Controller for Chip %u\n", i);
+
+ for (j = 0; j < TZC400_COUNT; j++) {
+ arm_tzc400_setup(CSS_SGI_REMOTE_CHIP_MEM_OFFSET(i)
+ + TZC400_BASE(j), tzc_regions_mc[i-1]);
+ }
+ }
+#endif
}