mt8173: Protect BL31 memory from non-secure access
BL31 usually handles confidential stuff, its memory must not be
read/write accessible from non-secure world. This patch protects
the BL31 memory range from non-secure read/write access.
Change-Id: I442fb92b667bb2f9a62d471a90508b1ba4489911
diff --git a/plat/mediatek/mt8173/drivers/spm/spm.c b/plat/mediatek/mt8173/drivers/spm/spm.c
index 45defd8..f28b264 100644
--- a/plat/mediatek/mt8173/drivers/spm/spm.c
+++ b/plat/mediatek/mt8173/drivers/spm/spm.c
@@ -384,6 +384,10 @@
void spm_boot_init(void)
{
+ /* set spm transaction to secure mode */
+ mmio_write_32(DEVAPC0_APC_CON, 0x0);
+ mmio_write_32(DEVAPC0_MAS_SEC_0, 0x200);
+
/* Only CPU0 is online during boot, initialize cpu online reserve bit */
mmio_write_32(SPM_PCM_RESERVE, 0xFE);
mmio_clrbits_32(AP_PLL_CON3, 0xFFFFF);