Merge "IO Driver Misra Cleanup" into integration
diff --git a/drivers/st/clk/stm32mp1_clk.c b/drivers/st/clk/stm32mp1_clk.c
index 2f4dcad..d6cd8b1 100644
--- a/drivers/st/clk/stm32mp1_clk.c
+++ b/drivers/st/clk/stm32mp1_clk.c
@@ -577,6 +577,43 @@
1, 2, 3, 4, 4, 4, 4, 4
};
+static const char * const stm32mp1_clk_parent_name[_PARENT_NB] __unused = {
+ [_HSI] = "HSI",
+ [_HSE] = "HSE",
+ [_CSI] = "CSI",
+ [_LSI] = "LSI",
+ [_LSE] = "LSE",
+ [_I2S_CKIN] = "I2S_CKIN",
+ [_HSI_KER] = "HSI_KER",
+ [_HSE_KER] = "HSE_KER",
+ [_HSE_KER_DIV2] = "HSE_KER_DIV2",
+ [_CSI_KER] = "CSI_KER",
+ [_PLL1_P] = "PLL1_P",
+ [_PLL1_Q] = "PLL1_Q",
+ [_PLL1_R] = "PLL1_R",
+ [_PLL2_P] = "PLL2_P",
+ [_PLL2_Q] = "PLL2_Q",
+ [_PLL2_R] = "PLL2_R",
+ [_PLL3_P] = "PLL3_P",
+ [_PLL3_Q] = "PLL3_Q",
+ [_PLL3_R] = "PLL3_R",
+ [_PLL4_P] = "PLL4_P",
+ [_PLL4_Q] = "PLL4_Q",
+ [_PLL4_R] = "PLL4_R",
+ [_ACLK] = "ACLK",
+ [_PCLK1] = "PCLK1",
+ [_PCLK2] = "PCLK2",
+ [_PCLK3] = "PCLK3",
+ [_PCLK4] = "PCLK4",
+ [_PCLK5] = "PCLK5",
+ [_HCLK6] = "KCLK6",
+ [_HCLK2] = "HCLK2",
+ [_CK_PER] = "CK_PER",
+ [_CK_MPU] = "CK_MPU",
+ [_CK_MCU] = "CK_MCU",
+ [_USB_PHY_48] = "USB_PHY_48",
+};
+
/* RCC clock device driver private */
static unsigned long stm32mp1_osc[NB_OSC];
static struct spinlock reg_lock;
@@ -2006,6 +2043,165 @@
stm32mp1_osc_clk_init(stm32mp_osc_node_label[i], i);
}
}
+
+#ifdef STM32MP_SHARED_RESOURCES
+/*
+ * Get the parent ID of the target parent clock, for tagging as secure
+ * shared clock dependencies.
+ */
+static int get_parent_id_parent(unsigned int parent_id)
+{
+ enum stm32mp1_parent_sel s = _UNKNOWN_SEL;
+ enum stm32mp1_pll_id pll_id;
+ uint32_t p_sel;
+ uintptr_t rcc_base = stm32mp_rcc_base();
+
+ switch (parent_id) {
+ case _ACLK:
+ case _PCLK4:
+ case _PCLK5:
+ s = _AXIS_SEL;
+ break;
+ case _PLL1_P:
+ case _PLL1_Q:
+ case _PLL1_R:
+ pll_id = _PLL1;
+ break;
+ case _PLL2_P:
+ case _PLL2_Q:
+ case _PLL2_R:
+ pll_id = _PLL2;
+ break;
+ case _PLL3_P:
+ case _PLL3_Q:
+ case _PLL3_R:
+ pll_id = _PLL3;
+ break;
+ case _PLL4_P:
+ case _PLL4_Q:
+ case _PLL4_R:
+ pll_id = _PLL4;
+ break;
+ case _PCLK1:
+ case _PCLK2:
+ case _HCLK2:
+ case _HCLK6:
+ case _CK_PER:
+ case _CK_MPU:
+ case _CK_MCU:
+ case _USB_PHY_48:
+ /* We do not expect to access these */
+ panic();
+ break;
+ default:
+ /* Other parents have no parent */
+ return -1;
+ }
+
+ if (s != _UNKNOWN_SEL) {
+ const struct stm32mp1_clk_sel *sel = clk_sel_ref(s);
+
+ p_sel = (mmio_read_32(rcc_base + sel->offset) >> sel->src) &
+ sel->msk;
+
+ if (p_sel < sel->nb_parent) {
+ return (int)sel->parent[p_sel];
+ }
+ } else {
+ const struct stm32mp1_clk_pll *pll = pll_ref(pll_id);
+
+ p_sel = mmio_read_32(rcc_base + pll->rckxselr) &
+ RCC_SELR_REFCLK_SRC_MASK;
+
+ if (pll->refclk[p_sel] != _UNKNOWN_OSC_ID) {
+ return (int)pll->refclk[p_sel];
+ }
+ }
+
+ VERBOSE("No parent selected for %s\n",
+ stm32mp1_clk_parent_name[parent_id]);
+
+ return -1;
+}
+
+static void secure_parent_clocks(unsigned long parent_id)
+{
+ int grandparent_id;
+
+ switch (parent_id) {
+ case _PLL3_P:
+ case _PLL3_Q:
+ case _PLL3_R:
+ stm32mp_register_secure_periph(STM32MP1_SHRES_PLL3);
+ break;
+
+ /* These clocks are always secure when RCC is secure */
+ case _ACLK:
+ case _HCLK2:
+ case _HCLK6:
+ case _PCLK4:
+ case _PCLK5:
+ case _PLL1_P:
+ case _PLL1_Q:
+ case _PLL1_R:
+ case _PLL2_P:
+ case _PLL2_Q:
+ case _PLL2_R:
+ case _HSI:
+ case _HSI_KER:
+ case _LSI:
+ case _CSI:
+ case _CSI_KER:
+ case _HSE:
+ case _HSE_KER:
+ case _HSE_KER_DIV2:
+ case _LSE:
+ break;
+
+ default:
+ VERBOSE("Cannot secure parent clock %s\n",
+ stm32mp1_clk_parent_name[parent_id]);
+ panic();
+ }
+
+ grandparent_id = get_parent_id_parent(parent_id);
+ if (grandparent_id >= 0) {
+ secure_parent_clocks(grandparent_id);
+ }
+}
+
+void stm32mp1_register_clock_parents_secure(unsigned long clock_id)
+{
+ int parent_id;
+
+ if (!stm32mp1_rcc_is_secure()) {
+ return;
+ }
+
+ switch (clock_id) {
+ case PLL1:
+ case PLL2:
+ /* PLL1/PLL2 are always secure: nothing to do */
+ break;
+ case PLL3:
+ stm32mp_register_secure_periph(STM32MP1_SHRES_PLL3);
+ break;
+ case PLL4:
+ ERROR("PLL4 cannot be secured\n");
+ panic();
+ break;
+ default:
+ /* Others are expected gateable clock */
+ parent_id = stm32mp1_clk_get_parent(clock_id);
+ if (parent_id < 0) {
+ INFO("No parent found for clock %lu\n", clock_id);
+ } else {
+ secure_parent_clocks(parent_id);
+ }
+ break;
+ }
+}
+#endif /* STM32MP_SHARED_RESOURCES */
static void sync_earlyboot_clocks_state(void)
{
diff --git a/drivers/st/crypto/stm32_hash.c b/drivers/st/crypto/stm32_hash.c
index 3184df9..515947c 100644
--- a/drivers/st/crypto/stm32_hash.c
+++ b/drivers/st/crypto/stm32_hash.c
@@ -300,7 +300,9 @@
break;
}
#else
+ /* BL32 uses hash if it is assigned only to secure world */
if (hash_info.status == DT_SECURE) {
+ stm32mp_register_secure_periph_iomem(hash_info.base);
break;
}
#endif
diff --git a/drivers/st/gpio/stm32_gpio.c b/drivers/st/gpio/stm32_gpio.c
index a13c341..bb77371 100644
--- a/drivers/st/gpio/stm32_gpio.c
+++ b/drivers/st/gpio/stm32_gpio.c
@@ -254,6 +254,15 @@
mmio_read_32(base + GPIO_AFRH_OFFSET));
stm32mp_clk_disable(clock);
+
+ if (status == DT_SECURE) {
+ stm32mp_register_secure_gpio(bank, pin);
+ set_gpio_secure_cfg(bank, pin, true);
+
+ } else {
+ stm32mp_register_non_secure_gpio(bank, pin);
+ set_gpio_secure_cfg(bank, pin, false);
+ }
}
void set_gpio_secure_cfg(uint32_t bank, uint32_t pin, bool secure)
diff --git a/drivers/st/iwdg/stm32_iwdg.c b/drivers/st/iwdg/stm32_iwdg.c
index ea6fbb2..c052b4d 100644
--- a/drivers/st/iwdg/stm32_iwdg.c
+++ b/drivers/st/iwdg/stm32_iwdg.c
@@ -137,6 +137,12 @@
((dt_info.status & DT_NON_SECURE) != 0) ?
"non-" : "");
+ if ((dt_info.status & DT_NON_SECURE) != 0) {
+ stm32mp_register_non_secure_periph_iomem(iwdg->base);
+ } else {
+ stm32mp_register_secure_periph_iomem(iwdg->base);
+ }
+
#if defined(IMAGE_BL2)
if (stm32_iwdg_shadow_update(idx, iwdg->flags) != BSEC_OK) {
return -1;
diff --git a/drivers/st/pmic/stm32mp_pmic.c b/drivers/st/pmic/stm32mp_pmic.c
index 9e9dddc..b2bb482 100644
--- a/drivers/st/pmic/stm32mp_pmic.c
+++ b/drivers/st/pmic/stm32mp_pmic.c
@@ -54,6 +54,15 @@
return fdt_get_status(node);
}
+static bool dt_pmic_is_secure(void)
+{
+ int status = dt_pmic_status();
+
+ return (status >= 0) &&
+ (status == DT_SECURE) &&
+ (i2c_handle.dt_status == DT_SECURE);
+}
+
/*
* Get PMIC and its I2C bus configuration from the device tree.
* Return 0 on success, negative on error, 1 if no PMIC node is found.
@@ -223,6 +232,19 @@
return true;
}
+static void register_pmic_shared_peripherals(void)
+{
+ uintptr_t i2c_base = i2c_handle.i2c_base_addr;
+
+ if (dt_pmic_is_secure()) {
+ stm32mp_register_secure_periph_iomem(i2c_base);
+ } else {
+ if (i2c_base != 0U) {
+ stm32mp_register_non_secure_periph_iomem(i2c_base);
+ }
+ }
+}
+
void initialize_pmic(void)
{
unsigned long pmic_version;
@@ -232,6 +254,8 @@
return;
}
+ register_pmic_shared_peripherals();
+
if (stpmic1_get_version(&pmic_version) != 0) {
ERROR("Failed to access PMIC\n");
panic();
diff --git a/include/drivers/st/stm32mp1_clk.h b/include/drivers/st/stm32mp1_clk.h
index 1ebd39f..c46892b 100644
--- a/include/drivers/st/stm32mp1_clk.h
+++ b/include/drivers/st/stm32mp1_clk.h
@@ -59,4 +59,7 @@
void stm32mp1_stgen_increment(unsigned long long offset_in_ms);
+#ifdef STM32MP_SHARED_RESOURCES
+void stm32mp1_register_clock_parents_secure(unsigned long id);
+#endif
#endif /* STM32MP1_CLK_H */
diff --git a/plat/arm/board/arm_fpga/fpga_def.h b/plat/arm/board/arm_fpga/fpga_def.h
index 0378729..5f1951f 100644
--- a/plat/arm/board/arm_fpga/fpga_def.h
+++ b/plat/arm/board/arm_fpga/fpga_def.h
@@ -18,7 +18,7 @@
* that are present will still be indexed appropriately regardless of any empty
* entries in the array used to represent the topology.
*/
-#define FPGA_MAX_CLUSTER_COUNT 2
+#define FPGA_MAX_CLUSTER_COUNT 4
#define FPGA_MAX_CPUS_PER_CLUSTER 8
#define FPGA_MAX_PE_PER_CPU 4
diff --git a/plat/arm/board/arm_fpga/platform.mk b/plat/arm/board/arm_fpga/platform.mk
index 34e50ea..e57912c 100644
--- a/plat/arm/board/arm_fpga/platform.mk
+++ b/plat/arm/board/arm_fpga/platform.mk
@@ -24,15 +24,10 @@
$(error "TRUSTED_BOARD_BOOT must be disabled")
endif
-ifndef PRELOADED_BL33_BASE
-$(error "PRELOADED_BL33_BASE is not set")
-endif
+PRELOADED_BL33_BASE := 0x80080000
-ifndef FPGA_PRELOADED_DTB_BASE
-$(error "FPGA_PRELOADED_DTB_BASE is not set")
-else
+FPGA_PRELOADED_DTB_BASE := 0x80070000
$(eval $(call add_define,FPGA_PRELOADED_DTB_BASE))
-endif
# Treating this as a memory-constrained port for now
USE_COHERENT_MEM := 0
@@ -64,7 +59,10 @@
lib/cpus/aarch64/neoverse_zeus.S \
lib/cpus/aarch64/cortex_hercules_ae.S \
lib/cpus/aarch64/cortex_a65.S \
- lib/cpus/aarch64/cortex_a65ae.S
+ lib/cpus/aarch64/cortex_a65ae.S \
+ lib/cpus/aarch64/cortex_klein.S \
+ lib/cpus/aarch64/cortex_matterhorn.S
+
# AArch64/AArch32 cores
FPGA_CPU_LIBS += lib/cpus/aarch64/cortex_a55.S \
lib/cpus/aarch64/cortex_a75.S
diff --git a/plat/st/common/include/stm32mp_shared_resources.h b/plat/st/common/include/stm32mp_shared_resources.h
index b148666..13f4b13 100644
--- a/plat/st/common/include/stm32mp_shared_resources.h
+++ b/plat/st/common/include/stm32mp_shared_resources.h
@@ -8,6 +8,10 @@
#define STM32MP_SHARED_RESOURCES_H
#include <stdbool.h>
+#include <stdint.h>
+
+#ifdef STM32MP_SHARED_RESOURCES
+enum stm32mp_shres;
/* Return true if @clock_id is shared by secure and non-secure worlds */
bool stm32mp_nsec_can_access_clock(unsigned long clock_id);
@@ -15,7 +19,40 @@
/* Return true if and only if @reset_id relates to a non-secure peripheral */
bool stm32mp_nsec_can_access_reset(unsigned int reset_id);
+/* Register a shared resource assigned to the secure world */
+void stm32mp_register_secure_periph(enum stm32mp_shres id);
+
+/* Register a shared resource assigned to the non-secure world */
+void stm32mp_register_non_secure_periph(enum stm32mp_shres id);
+
+/* Register a peripheral as secure or non-secure based on IO base address */
+void stm32mp_register_secure_periph_iomem(uintptr_t base);
+void stm32mp_register_non_secure_periph_iomem(uintptr_t base);
+
+/* Register a GPIO as secure or non-secure based on its bank and pin numbers */
+void stm32mp_register_secure_gpio(unsigned int bank, unsigned int pin);
+void stm32mp_register_non_secure_gpio(unsigned int bank, unsigned int pin);
+
/* Consolidate peripheral states and lock against new peripheral registering */
void stm32mp_lock_periph_registering(void);
+#else
+static inline void stm32mp_register_secure_periph_iomem(uintptr_t base __unused)
+{
+}
+
+static inline
+void stm32mp_register_non_secure_periph_iomem(uintptr_t base __unused)
+{
+}
+
+static inline void stm32mp_register_secure_gpio(unsigned int bank __unused,
+ unsigned int pin __unused)
+{
+}
+static inline void stm32mp_register_non_secure_gpio(unsigned int bank __unused,
+ unsigned int pin __unused)
+{
+}
+#endif /* STM32MP_SHARED_RESOURCES */
#endif /* STM32MP_SHARED_RESOURCES_H */
diff --git a/plat/st/stm32mp1/stm32mp1_def.h b/plat/st/stm32mp1/stm32mp1_def.h
index ef82d5e..bce5994 100644
--- a/plat/st/stm32mp1/stm32mp1_def.h
+++ b/plat/st/stm32mp1/stm32mp1_def.h
@@ -494,14 +494,16 @@
#define IWDG2_BASE U(0x5A002000)
/*******************************************************************************
- * STM32MP1 I2C4
+ * Miscellaneous STM32MP1 peripherals base address
******************************************************************************/
-#define I2C4_BASE U(0x5C002000)
-
-/*******************************************************************************
- * STM32MP1 DBGMCU
- ******************************************************************************/
+#define CRYP1_BASE U(0x54001000)
#define DBGMCU_BASE U(0x50081000)
+#define HASH1_BASE U(0x54002000)
+#define I2C4_BASE U(0x5C002000)
+#define I2C6_BASE U(0x5c009000)
+#define RNG1_BASE U(0x54003000)
+#define RTC_BASE U(0x5c004000)
+#define SPI6_BASE U(0x5c001000)
/*******************************************************************************
* Device Tree defines
diff --git a/plat/st/stm32mp1/stm32mp1_shared_resources.c b/plat/st/stm32mp1/stm32mp1_shared_resources.c
index 268aa52..208e34a 100644
--- a/plat/st/stm32mp1/stm32mp1_shared_resources.c
+++ b/plat/st/stm32mp1/stm32mp1_shared_resources.c
@@ -44,6 +44,49 @@
/* Force uint8_t array for array of enum shres_state for size considerations */
static uint8_t shres_state[STM32MP1_SHRES_COUNT];
+static const char *shres2str_id_tbl[STM32MP1_SHRES_COUNT] __unused = {
+ [STM32MP1_SHRES_GPIOZ(0)] = "GPIOZ0",
+ [STM32MP1_SHRES_GPIOZ(1)] = "GPIOZ1",
+ [STM32MP1_SHRES_GPIOZ(2)] = "GPIOZ2",
+ [STM32MP1_SHRES_GPIOZ(3)] = "GPIOZ3",
+ [STM32MP1_SHRES_GPIOZ(4)] = "GPIOZ4",
+ [STM32MP1_SHRES_GPIOZ(5)] = "GPIOZ5",
+ [STM32MP1_SHRES_GPIOZ(6)] = "GPIOZ6",
+ [STM32MP1_SHRES_GPIOZ(7)] = "GPIOZ7",
+ [STM32MP1_SHRES_IWDG1] = "IWDG1",
+ [STM32MP1_SHRES_USART1] = "USART1",
+ [STM32MP1_SHRES_SPI6] = "SPI6",
+ [STM32MP1_SHRES_I2C4] = "I2C4",
+ [STM32MP1_SHRES_RNG1] = "RNG1",
+ [STM32MP1_SHRES_HASH1] = "HASH1",
+ [STM32MP1_SHRES_CRYP1] = "CRYP1",
+ [STM32MP1_SHRES_I2C6] = "I2C6",
+ [STM32MP1_SHRES_RTC] = "RTC",
+ [STM32MP1_SHRES_MCU] = "MCU",
+ [STM32MP1_SHRES_MDMA] = "MDMA",
+ [STM32MP1_SHRES_PLL3] = "PLL3",
+};
+
+static const char __unused *shres2str_id(enum stm32mp_shres id)
+{
+ assert(id < ARRAY_SIZE(shres2str_id_tbl));
+
+ return shres2str_id_tbl[id];
+}
+
+static const char __unused *shres2str_state_tbl[] = {
+ [SHRES_UNREGISTERED] = "unregistered",
+ [SHRES_NON_SECURE] = "non-secure",
+ [SHRES_SECURE] = "secure",
+};
+
+static const char __unused *shres2str_state(unsigned int state)
+{
+ assert(state < ARRAY_SIZE(shres2str_state_tbl));
+
+ return shres2str_state_tbl[state];
+}
+
/* Get resource state: these accesses lock the registering support */
static void lock_registering(void)
{
@@ -92,16 +135,344 @@
return get_gpio_nbpin(GPIO_BANK_Z);
}
+static void register_periph(enum stm32mp_shres id, unsigned int state)
+{
+ assert((id < STM32MP1_SHRES_COUNT) &&
+ ((state == SHRES_SECURE) || (state == SHRES_NON_SECURE)));
+
+ if (registering_locked) {
+ if (shres_state[id] == state) {
+ return;
+ }
+ panic();
+ }
+
+ if ((shres_state[id] != SHRES_UNREGISTERED) &&
+ (shres_state[id] != state)) {
+ VERBOSE("Cannot change %s from %s to %s\n",
+ shres2str_id(id),
+ shres2str_state(shres_state[id]),
+ shres2str_state(state));
+ panic();
+ }
+
+ if (shres_state[id] == SHRES_UNREGISTERED) {
+ VERBOSE("Register %s as %s\n",
+ shres2str_id(id), shres2str_state(state));
+ }
+
+ if ((id >= STM32MP1_SHRES_GPIOZ(0)) &&
+ (id <= STM32MP1_SHRES_GPIOZ(7)) &&
+ ((id - STM32MP1_SHRES_GPIOZ(0)) >= get_gpioz_nbpin())) {
+ ERROR("Invalid GPIO pin %u, %u pin(s) available\n",
+ id - STM32MP1_SHRES_GPIOZ(0), get_gpioz_nbpin());
+ panic();
+ }
+
+ shres_state[id] = (uint8_t)state;
+
+ /* Explore clock tree to lock dependencies */
+ if (state == SHRES_SECURE) {
+ enum stm32mp_shres clock_res_id;
+
+ switch (id) {
+ case STM32MP1_SHRES_GPIOZ(0):
+ case STM32MP1_SHRES_GPIOZ(1):
+ case STM32MP1_SHRES_GPIOZ(2):
+ case STM32MP1_SHRES_GPIOZ(3):
+ case STM32MP1_SHRES_GPIOZ(4):
+ case STM32MP1_SHRES_GPIOZ(5):
+ case STM32MP1_SHRES_GPIOZ(6):
+ case STM32MP1_SHRES_GPIOZ(7):
+ clock_res_id = GPIOZ;
+ break;
+ case STM32MP1_SHRES_IWDG1:
+ clock_res_id = IWDG1;
+ break;
+ case STM32MP1_SHRES_USART1:
+ clock_res_id = USART1_K;
+ break;
+ case STM32MP1_SHRES_SPI6:
+ clock_res_id = SPI6_K;
+ break;
+ case STM32MP1_SHRES_I2C4:
+ clock_res_id = I2C4_K;
+ break;
+ case STM32MP1_SHRES_RNG1:
+ clock_res_id = RNG1_K;
+ break;
+ case STM32MP1_SHRES_HASH1:
+ clock_res_id = HASH1;
+ break;
+ case STM32MP1_SHRES_CRYP1:
+ clock_res_id = CRYP1;
+ break;
+ case STM32MP1_SHRES_I2C6:
+ clock_res_id = I2C6_K;
+ break;
+ case STM32MP1_SHRES_RTC:
+ clock_res_id = RTC;
+ break;
+ default:
+ /* No clock resource dependency */
+ return;
+ }
+
+ stm32mp1_register_clock_parents_secure(clock_res_id);
+ }
+}
+
+/* Register resource by ID */
+void stm32mp_register_secure_periph(enum stm32mp_shres id)
+{
+ register_periph(id, SHRES_SECURE);
+}
+
+void stm32mp_register_non_secure_periph(enum stm32mp_shres id)
+{
+ register_periph(id, SHRES_NON_SECURE);
+}
+
+static void register_periph_iomem(uintptr_t base, unsigned int state)
+{
+ enum stm32mp_shres id;
+
+ switch (base) {
+ case CRYP1_BASE:
+ id = STM32MP1_SHRES_CRYP1;
+ break;
+ case HASH1_BASE:
+ id = STM32MP1_SHRES_HASH1;
+ break;
+ case I2C4_BASE:
+ id = STM32MP1_SHRES_I2C4;
+ break;
+ case I2C6_BASE:
+ id = STM32MP1_SHRES_I2C6;
+ break;
+ case IWDG1_BASE:
+ id = STM32MP1_SHRES_IWDG1;
+ break;
+ case RNG1_BASE:
+ id = STM32MP1_SHRES_RNG1;
+ break;
+ case RTC_BASE:
+ id = STM32MP1_SHRES_RTC;
+ break;
+ case SPI6_BASE:
+ id = STM32MP1_SHRES_SPI6;
+ break;
+ case USART1_BASE:
+ id = STM32MP1_SHRES_USART1;
+ break;
+
+ case GPIOA_BASE:
+ case GPIOB_BASE:
+ case GPIOC_BASE:
+ case GPIOD_BASE:
+ case GPIOE_BASE:
+ case GPIOF_BASE:
+ case GPIOG_BASE:
+ case GPIOH_BASE:
+ case GPIOI_BASE:
+ case GPIOJ_BASE:
+ case GPIOK_BASE:
+ case USART2_BASE:
+ case USART3_BASE:
+ case UART4_BASE:
+ case UART5_BASE:
+ case USART6_BASE:
+ case UART7_BASE:
+ case UART8_BASE:
+ case IWDG2_BASE:
+ /* Allow drivers to register some non-secure resources */
+ VERBOSE("IO for non-secure resource 0x%x\n",
+ (unsigned int)base);
+ if (state != SHRES_NON_SECURE) {
+ panic();
+ }
+
+ return;
+
+ default:
+ panic();
+ }
+
+ register_periph(id, state);
+}
+
+void stm32mp_register_secure_periph_iomem(uintptr_t base)
+{
+ register_periph_iomem(base, SHRES_SECURE);
+}
+
+void stm32mp_register_non_secure_periph_iomem(uintptr_t base)
+{
+ register_periph_iomem(base, SHRES_NON_SECURE);
+}
+
+void stm32mp_register_secure_gpio(unsigned int bank, unsigned int pin)
+{
+ switch (bank) {
+ case GPIO_BANK_Z:
+ register_periph(STM32MP1_SHRES_GPIOZ(pin), SHRES_SECURE);
+ break;
+ default:
+ ERROR("GPIO bank %u cannot be secured\n", bank);
+ panic();
+ }
+}
+
-/* Currently allow full access by non-secure to platform clock services */
+void stm32mp_register_non_secure_gpio(unsigned int bank, unsigned int pin)
+{
+ switch (bank) {
+ case GPIO_BANK_Z:
+ register_periph(STM32MP1_SHRES_GPIOZ(pin), SHRES_NON_SECURE);
+ break;
+ default:
+ break;
+ }
+}
+
+static bool stm32mp_gpio_bank_is_non_secure(unsigned int bank)
+{
+ unsigned int non_secure = 0U;
+ unsigned int i;
+
+ lock_registering();
+
+ if (bank != GPIO_BANK_Z) {
+ return true;
+ }
+
+ for (i = 0U; i < get_gpioz_nbpin(); i++) {
+ if (periph_is_non_secure(STM32MP1_SHRES_GPIOZ(i))) {
+ non_secure++;
+ }
+ }
+
+ return non_secure == get_gpioz_nbpin();
+}
+
+static bool stm32mp_gpio_bank_is_secure(unsigned int bank)
+{
+ unsigned int secure = 0U;
+ unsigned int i;
+
+ lock_registering();
+
+ if (bank != GPIO_BANK_Z) {
+ return false;
+ }
+
+ for (i = 0U; i < get_gpioz_nbpin(); i++) {
+ if (periph_is_secure(STM32MP1_SHRES_GPIOZ(i))) {
+ secure++;
+ }
+ }
+
+ return secure == get_gpioz_nbpin();
+}
+
bool stm32mp_nsec_can_access_clock(unsigned long clock_id)
{
- return true;
+ enum stm32mp_shres shres_id = STM32MP1_SHRES_COUNT;
+
+ switch (clock_id) {
+ case CK_CSI:
+ case CK_HSE:
+ case CK_HSE_DIV2:
+ case CK_HSI:
+ case CK_LSE:
+ case CK_LSI:
+ case PLL1_P:
+ case PLL1_Q:
+ case PLL1_R:
+ case PLL2_P:
+ case PLL2_Q:
+ case PLL2_R:
+ case PLL3_P:
+ case PLL3_Q:
+ case PLL3_R:
+ case RTCAPB:
+ return true;
+ case GPIOZ:
+ /* Allow clock access if at least one pin is non-secure */
+ return !stm32mp_gpio_bank_is_secure(GPIO_BANK_Z);
+ case CRYP1:
+ shres_id = STM32MP1_SHRES_CRYP1;
+ break;
+ case HASH1:
+ shres_id = STM32MP1_SHRES_HASH1;
+ break;
+ case I2C4_K:
+ shres_id = STM32MP1_SHRES_I2C4;
+ break;
+ case I2C6_K:
+ shres_id = STM32MP1_SHRES_I2C6;
+ break;
+ case IWDG1:
+ shres_id = STM32MP1_SHRES_IWDG1;
+ break;
+ case RNG1_K:
+ shres_id = STM32MP1_SHRES_RNG1;
+ break;
+ case RTC:
+ shres_id = STM32MP1_SHRES_RTC;
+ break;
+ case SPI6_K:
+ shres_id = STM32MP1_SHRES_SPI6;
+ break;
+ case USART1_K:
+ shres_id = STM32MP1_SHRES_USART1;
+ break;
+ default:
+ return false;
+ }
+
+ return periph_is_non_secure(shres_id);
}
-/* Currently allow full access by non-secure to platform reset services */
bool stm32mp_nsec_can_access_reset(unsigned int reset_id)
{
- return true;
+ enum stm32mp_shres shres_id = STM32MP1_SHRES_COUNT;
+
+ switch (reset_id) {
+ case CRYP1_R:
+ shres_id = STM32MP1_SHRES_CRYP1;
+ break;
+ case GPIOZ_R:
+ /* GPIOZ reset mandates all pins are non-secure */
+ return stm32mp_gpio_bank_is_non_secure(GPIO_BANK_Z);
+ case HASH1_R:
+ shres_id = STM32MP1_SHRES_HASH1;
+ break;
+ case I2C4_R:
+ shres_id = STM32MP1_SHRES_I2C4;
+ break;
+ case I2C6_R:
+ shres_id = STM32MP1_SHRES_I2C6;
+ break;
+ case MCU_R:
+ shres_id = STM32MP1_SHRES_MCU;
+ break;
+ case MDMA_R:
+ shres_id = STM32MP1_SHRES_MDMA;
+ break;
+ case RNG1_R:
+ shres_id = STM32MP1_SHRES_RNG1;
+ break;
+ case SPI6_R:
+ shres_id = STM32MP1_SHRES_SPI6;
+ break;
+ case USART1_R:
+ shres_id = STM32MP1_SHRES_USART1;
+ break;
+ default:
+ return false;
+ }
+
+ return periph_is_non_secure(shres_id);
}
static bool mckprot_protects_periph(enum stm32mp_shres id)
@@ -170,10 +541,10 @@
}
if (!secure || (mckprot_protects_periph(n) && (!mckprot))) {
- ERROR("RCC %s MCKPROT %s and %u secure\n",
+ ERROR("RCC %s MCKPROT %s and %s secure\n",
secure ? "secure" : "non-secure",
mckprot ? "set" : "not set",
- n);
+ shres2str_id(n));
error++;
}
}
@@ -201,14 +572,14 @@
for (id = 0U; id < STM32MP1_SHRES_COUNT; id++) {
switch (shres_state[id]) {
case SHRES_SECURE:
- INFO("stm32mp1 %u is secure\n", id);
+ INFO("stm32mp1 %s is secure\n", shres2str_id(id));
break;
case SHRES_NON_SECURE:
case SHRES_UNREGISTERED:
- VERBOSE("stm32mp %u is non-secure\n", id);
+ VERBOSE("stm32mp %s is non-secure\n", shres2str_id(id));
break;
default:
- VERBOSE("stm32mp %u is invalid\n", id);
+ VERBOSE("stm32mp %s is invalid\n", shres2str_id(id));
panic();
}
}
diff --git a/tools/fiptool/fiptool.c b/tools/fiptool/fiptool.c
index 80b498e..8c5b04a 100644
--- a/tools/fiptool/fiptool.c
+++ b/tools/fiptool/fiptool.c
@@ -24,17 +24,17 @@
#define OPT_ALIGN 2
static int info_cmd(int argc, char *argv[]);
-static void info_usage(void);
+static void info_usage(int);
static int create_cmd(int argc, char *argv[]);
-static void create_usage(void);
+static void create_usage(int);
static int update_cmd(int argc, char *argv[]);
-static void update_usage(void);
+static void update_usage(int);
static int unpack_cmd(int argc, char *argv[]);
-static void unpack_usage(void);
+static void unpack_usage(int);
static int remove_cmd(int argc, char *argv[]);
-static void remove_usage(void);
+static void remove_usage(int);
static int version_cmd(int argc, char *argv[]);
-static void version_usage(void);
+static void version_usage(int);
static int help_cmd(int argc, char *argv[]);
static void usage(void);
@@ -448,7 +448,7 @@
fip_toc_header_t toc_header;
if (argc != 2)
- info_usage();
+ info_usage(EXIT_FAILURE);
argc--, argv++;
parse_fip(argv[0], &toc_header);
@@ -487,10 +487,10 @@
return 0;
}
-static void info_usage(void)
+static void info_usage(int exit_status)
{
printf("fiptool info FIP_FILENAME\n");
- exit(1);
+ exit(exit_status);
}
static int pack_images(const char *filename, uint64_t toc_flags, unsigned long align)
@@ -669,7 +669,7 @@
unsigned long align = 1;
if (argc < 2)
- create_usage();
+ create_usage(EXIT_FAILURE);
opts = fill_common_opts(opts, &nr_opts, required_argument);
opts = add_opt(opts, &nr_opts, "plat-toc-flags", required_argument,
@@ -710,7 +710,7 @@
if (memcmp(&uuid, &uuid_null, sizeof(uuid_t)) == 0 ||
filename[0] == '\0')
- create_usage();
+ create_usage(EXIT_FAILURE);
desc = lookup_image_desc_from_uuid(&uuid);
if (desc == NULL) {
@@ -722,7 +722,7 @@
break;
}
default:
- create_usage();
+ create_usage(EXIT_FAILURE);
}
}
argc -= optind;
@@ -730,7 +730,7 @@
free(opts);
if (argc == 0)
- create_usage();
+ create_usage(EXIT_SUCCESS);
update_fip();
@@ -738,7 +738,7 @@
return 0;
}
-static void create_usage(void)
+static void create_usage(int exit_status)
{
toc_entry_t *toc_entry = toc_entries;
@@ -753,7 +753,7 @@
for (; toc_entry->cmdline_name != NULL; toc_entry++)
printf(" --%-16s FILENAME\t%s\n", toc_entry->cmdline_name,
toc_entry->name);
- exit(1);
+ exit(exit_status);
}
static int update_cmd(int argc, char *argv[])
@@ -767,7 +767,7 @@
int pflag = 0;
if (argc < 2)
- update_usage();
+ update_usage(EXIT_FAILURE);
opts = fill_common_opts(opts, &nr_opts, required_argument);
opts = add_opt(opts, &nr_opts, "align", required_argument, OPT_ALIGN);
@@ -807,7 +807,7 @@
if (memcmp(&uuid, &uuid_null, sizeof(uuid_t)) == 0 ||
filename[0] == '\0')
- update_usage();
+ update_usage(EXIT_FAILURE);
desc = lookup_image_desc_from_uuid(&uuid);
if (desc == NULL) {
@@ -825,7 +825,7 @@
snprintf(outfile, sizeof(outfile), "%s", optarg);
break;
default:
- update_usage();
+ update_usage(EXIT_FAILURE);
}
}
argc -= optind;
@@ -833,7 +833,7 @@
free(opts);
if (argc == 0)
- update_usage();
+ update_usage(EXIT_SUCCESS);
if (outfile[0] == '\0')
snprintf(outfile, sizeof(outfile), "%s", argv[0]);
@@ -851,7 +851,7 @@
return 0;
}
-static void update_usage(void)
+static void update_usage(int exit_status)
{
toc_entry_t *toc_entry = toc_entries;
@@ -867,7 +867,7 @@
for (; toc_entry->cmdline_name != NULL; toc_entry++)
printf(" --%-16s FILENAME\t%s\n", toc_entry->cmdline_name,
toc_entry->name);
- exit(1);
+ exit(exit_status);
}
static int unpack_cmd(int argc, char *argv[])
@@ -880,7 +880,7 @@
int unpack_all = 1;
if (argc < 2)
- unpack_usage();
+ unpack_usage(EXIT_FAILURE);
opts = fill_common_opts(opts, &nr_opts, required_argument);
opts = add_opt(opts, &nr_opts, "blob", required_argument, 'b');
@@ -915,7 +915,7 @@
if (memcmp(&uuid, &uuid_null, sizeof(uuid_t)) == 0 ||
filename[0] == '\0')
- unpack_usage();
+ unpack_usage(EXIT_FAILURE);
desc = lookup_image_desc_from_uuid(&uuid);
if (desc == NULL) {
@@ -934,7 +934,7 @@
snprintf(outdir, sizeof(outdir), "%s", optarg);
break;
default:
- unpack_usage();
+ unpack_usage(EXIT_FAILURE);
}
}
argc -= optind;
@@ -942,7 +942,7 @@
free(opts);
if (argc == 0)
- unpack_usage();
+ unpack_usage(EXIT_SUCCESS);
parse_fip(argv[0], NULL);
@@ -986,7 +986,7 @@
return 0;
}
-static void unpack_usage(void)
+static void unpack_usage(int exit_status)
{
toc_entry_t *toc_entry = toc_entries;
@@ -1003,7 +1003,7 @@
toc_entry->name);
printf("\n");
printf("If no options are provided, all images will be unpacked.\n");
- exit(1);
+ exit(exit_status);
}
static int remove_cmd(int argc, char *argv[])
@@ -1017,7 +1017,7 @@
int fflag = 0;
if (argc < 2)
- remove_usage();
+ remove_usage(EXIT_FAILURE);
opts = fill_common_opts(opts, &nr_opts, no_argument);
opts = add_opt(opts, &nr_opts, "align", required_argument, OPT_ALIGN);
@@ -1053,7 +1053,7 @@
filename, sizeof(filename));
if (memcmp(&uuid, &uuid_null, sizeof(uuid_t)) == 0)
- remove_usage();
+ remove_usage(EXIT_FAILURE);
desc = lookup_image_desc_from_uuid(&uuid);
if (desc == NULL) {
@@ -1071,7 +1071,7 @@
snprintf(outfile, sizeof(outfile), "%s", optarg);
break;
default:
- remove_usage();
+ remove_usage(EXIT_FAILURE);
}
}
argc -= optind;
@@ -1079,7 +1079,7 @@
free(opts);
if (argc == 0)
- remove_usage();
+ remove_usage(EXIT_SUCCESS);
if (outfile[0] != '\0' && access(outfile, F_OK) == 0 && !fflag)
log_errx("File %s already exists, use --force to overwrite it",
@@ -1110,7 +1110,7 @@
return 0;
}
-static void remove_usage(void)
+static void remove_usage(int exit_status)
{
toc_entry_t *toc_entry = toc_entries;
@@ -1126,7 +1126,7 @@
for (; toc_entry->cmdline_name != NULL; toc_entry++)
printf(" --%-16s\t%s\n", toc_entry->cmdline_name,
toc_entry->name);
- exit(1);
+ exit(exit_status);
}
static int version_cmd(int argc, char *argv[])
@@ -1140,10 +1140,10 @@
return 0;
}
-static void version_usage(void)
+static void version_usage(int exit_status)
{
printf("fiptool version\n");
- exit(1);
+ exit(exit_status);
}
static int help_cmd(int argc, char *argv[])
@@ -1157,7 +1157,7 @@
for (i = 0; i < NELEM(cmds); i++) {
if (strcmp(cmds[i].name, argv[0]) == 0 &&
cmds[i].usage != NULL)
- cmds[i].usage();
+ cmds[i].usage(EXIT_SUCCESS);
}
if (i == NELEM(cmds))
printf("No help for subcommand '%s'\n", argv[0]);
@@ -1178,7 +1178,7 @@
printf(" remove\tRemove images from FIP.\n");
printf(" version\tShow fiptool version.\n");
printf(" help\t\tShow help for given command.\n");
- exit(1);
+ exit(EXIT_SUCCESS);
}
int main(int argc, char *argv[])
diff --git a/tools/fiptool/fiptool.h b/tools/fiptool/fiptool.h
index af3fcbd..88c4a7e 100644
--- a/tools/fiptool/fiptool.h
+++ b/tools/fiptool/fiptool.h
@@ -48,7 +48,7 @@
typedef struct cmd {
char *name;
int (*handler)(int, char **);
- void (*usage)(void);
+ void (*usage)(int);
} cmd_t;
#endif /* FIPTOOL_H */