commit 89ddad12f7e81fce07eec04baf5c8e80b81d6cb7
author developer <developer@mediatek.com> Tue Mar 29 17:42:41 2016 +0800
committer developer <developer@mediatek.com> Fri Apr 01 13:10:41 2016 +0800
tree b28eebf7dc9990af5febad6bef6de35a991dc876
parent faf144f4dfdda7334ea8634346dcc750bdd8ffb7

mt8173: Protect BL31 memory from non-secure access

BL31 usually handles confidential stuff, its memory must not be
read/write accessible from non-secure world. This patch protects
the BL31 memory range from non-secure read/write access.

Change-Id: I442fb92b667bb2f9a62d471a90508b1ba4489911

plat/mediatek/mt8173/drivers/spm/spm.c

diff --git a/plat/mediatek/mt8173/drivers/spm/spm.c b/plat/mediatek/mt8173/drivers/spm/spm.c
index 45defd8..f28b264 100644
--- a/plat/mediatek/mt8173/drivers/spm/spm.c
+++ b/plat/mediatek/mt8173/drivers/spm/spm.c
@@ -384,6 +384,10 @@
 
 void spm_boot_init(void)
 {
+	/* set spm transaction to secure mode */
+	mmio_write_32(DEVAPC0_APC_CON, 0x0);
+	mmio_write_32(DEVAPC0_MAS_SEC_0, 0x200);
+
 	/* Only CPU0 is online during boot, initialize cpu online reserve bit */
 	mmio_write_32(SPM_PCM_RESERVE, 0xFE);
 	mmio_clrbits_32(AP_PLL_CON3, 0xFFFFF);