plat/brcm/board/stingray/src/tz_sec.c - filogic/atf - Gitiles

 /*
  * Copyright (c) 2016 - 2020, Broadcom
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */

 #include <common/debug.h>
 #include <drivers/arm/tzc400.h>
 #include <lib/mmio.h>

 #include <cmn_sec.h>
 #include <platform_def.h>

 /*
  * Trust Zone controllers
  */
 #define TZC400_FS_SRAM_ROOT	0x66d84000

 /*
  * TZPC Master configure registers
  */

 /* TZPC_TZPCDECPROT0set */
 #define TZPC0_MASTER_NS_BASE		0x68b40804
 #define TZPC0_SATA3_BIT			5
 #define TZPC0_SATA2_BIT			4
 #define TZPC0_SATA1_BIT			3
 #define TZPC0_SATA0_BIT			2
 #define TZPC0_USB3H1_BIT		1
 #define TZPC0_USB3H0_BIT		0
 #define TZPC0_MASTER_SEC_DEFAULT	0

 /* TZPC_TZPCDECPROT1set */
 #define TZPC1_MASTER_NS_BASE		0x68b40810
 #define TZPC1_SDIO1_BIT			6
 #define TZPC1_SDIO0_BIT			5
 #define TZPC1_AUDIO0_BIT		4
 #define TZPC1_USB2D_BIT			3
 #define TZPC1_USB2H1_BIT		2
 #define TZPC1_USB2H0_BIT		1
 #define TZPC1_AMAC0_BIT			0
 #define TZPC1_MASTER_SEC_DEFAULT	0


 struct tz_sec_desc {
 	uintptr_t addr;
 	uint32_t val;
 };

 static const struct tz_sec_desc tz_master_defaults[] = {
 { TZPC0_MASTER_NS_BASE, TZPC0_MASTER_SEC_DEFAULT },
 { TZPC1_MASTER_NS_BASE, TZPC1_MASTER_SEC_DEFAULT }
 };

 /*
  * Initialize the TrustZone Controller for SRAM partitioning.
  */
 static void bcm_tzc_setup(void)
 {
 	VERBOSE("Configuring SRAM TrustZone Controller\n");

 	/* Init the TZASC controller */
 	tzc400_init(TZC400_FS_SRAM_ROOT);

 	/*
 	 * Close the entire SRAM space
 	 * Region 0 covers the entire SRAM space
 	 * None of the NS device can access it.
 	 */
 	tzc400_configure_region0(TZC_REGION_S_RDWR, 0);

 	/* Do raise an exception if a NS device tries to access secure memory */
 	tzc400_set_action(TZC_ACTION_ERR);
 }

 /*
  * Configure TZ Master as NS_MASTER or SECURE_MASTER
  * To set a Master to non-secure, use *_SET registers
  * To set a Master to secure, use *_CLR registers (set + 0x4 address)
  */
 static void tz_master_set(uint32_t base, uint32_t value, uint32_t ns)
 {
 	if (ns == SECURE_MASTER) {
 		mmio_write_32(base + 4, value);
 	} else {
 		mmio_write_32(base, value);
 	}
 }

 /*
  * Initialize the secure environment for sdio.
  */
 void plat_tz_sdio_ns_master_set(uint32_t ns)
 {
 	tz_master_set(TZPC1_MASTER_NS_BASE,
 			1 << TZPC1_SDIO0_BIT,
 			ns);
 }

 /*
  * Initialize the secure environment for usb.
  */
 void plat_tz_usb_ns_master_set(uint32_t ns)
 {
 	tz_master_set(TZPC1_MASTER_NS_BASE,
 			1 << TZPC1_USB2H0_BIT,
 			ns);
 }

 /*
  * Set masters to default configuration.
  *
  * DMA security settings are programmed into the PL-330 controller and
  * are not set by iProc TZPC registers.
  * DMA always comes up as secure master (*NS bit is 0).
  *
  * Because the default reset values of TZPC are 0 (== Secure),
  * ARM Verilog code makes all masters, including PCIe, come up as
  * secure.
  * However, SOTP has a bit called SOTP_ALLMASTER_NS that overrides
  * TZPC and makes all masters non-secure for AB devices.
  *
  * Hence we first set all the TZPC bits to program all masters,
  * including PCIe, as non-secure, then set the CLEAR_ALLMASTER_NS bit
  * so that the SOTP_ALLMASTER_NS cannot override TZPC.
  * now security settings for each masters come from TZPC
  * (which makes all masters other than DMA as non-secure).
  *
  * During the boot, all masters other than DMA Ctrlr + list
  * are non-secure in an AB Prod/AB Dev/AB Pending device.
  *
  */
 void plat_tz_master_default_cfg(void)
 {
 	int i;

 	/* Configure default secure and non-secure TZ Masters */
 	for (i = 0; i < ARRAY_SIZE(tz_master_defaults); i++) {
 		tz_master_set(tz_master_defaults[i].addr,
 			      tz_master_defaults[i].val,
 			      SECURE_MASTER);
 		tz_master_set(tz_master_defaults[i].addr,
 			      ~tz_master_defaults[i].val,
 			      NS_MASTER);
 	}

 	/* Clear all master NS */
 	mmio_setbits_32(SOTP_CHIP_CTRL,
 			1 << SOTP_CLEAR_SYSCTRL_ALL_MASTER_NS);

 	/* Initialize TZ controller and Set SRAM to secure */
 	bcm_tzc_setup();
 }
	/*
	* Copyright (c) 2016 - 2020, Broadcom
	*
	* SPDX-License-Identifier: BSD-3-Clause
	*/

	#include <common/debug.h>
	#include <drivers/arm/tzc400.h>
	#include <lib/mmio.h>

	#include <cmn_sec.h>
	#include <platform_def.h>

	/*
	* Trust Zone controllers
	*/
	#define TZC400_FS_SRAM_ROOT 0x66d84000

	/*
	* TZPC Master configure registers
	*/

	/* TZPC_TZPCDECPROT0set */
	#define TZPC0_MASTER_NS_BASE 0x68b40804
	#define TZPC0_SATA3_BIT 5
	#define TZPC0_SATA2_BIT 4
	#define TZPC0_SATA1_BIT 3
	#define TZPC0_SATA0_BIT 2
	#define TZPC0_USB3H1_BIT 1
	#define TZPC0_USB3H0_BIT 0
	#define TZPC0_MASTER_SEC_DEFAULT 0

	/* TZPC_TZPCDECPROT1set */
	#define TZPC1_MASTER_NS_BASE 0x68b40810
	#define TZPC1_SDIO1_BIT 6
	#define TZPC1_SDIO0_BIT 5
	#define TZPC1_AUDIO0_BIT 4
	#define TZPC1_USB2D_BIT 3
	#define TZPC1_USB2H1_BIT 2
	#define TZPC1_USB2H0_BIT 1
	#define TZPC1_AMAC0_BIT 0
	#define TZPC1_MASTER_SEC_DEFAULT 0


	struct tz_sec_desc {
	uintptr_t addr;
	uint32_t val;
	};

	static const struct tz_sec_desc tz_master_defaults[] = {
	{ TZPC0_MASTER_NS_BASE, TZPC0_MASTER_SEC_DEFAULT },
	{ TZPC1_MASTER_NS_BASE, TZPC1_MASTER_SEC_DEFAULT }
	};

	/*
	* Initialize the TrustZone Controller for SRAM partitioning.
	*/
	static void bcm_tzc_setup(void)
	{
	VERBOSE("Configuring SRAM TrustZone Controller\n");

	/* Init the TZASC controller */
	tzc400_init(TZC400_FS_SRAM_ROOT);

	/*
	* Close the entire SRAM space
	* Region 0 covers the entire SRAM space
	* None of the NS device can access it.
	*/
	tzc400_configure_region0(TZC_REGION_S_RDWR, 0);

	/* Do raise an exception if a NS device tries to access secure memory */
	tzc400_set_action(TZC_ACTION_ERR);
	}

	/*
	* Configure TZ Master as NS_MASTER or SECURE_MASTER
	* To set a Master to non-secure, use *_SET registers
	* To set a Master to secure, use *_CLR registers (set + 0x4 address)
	*/
	static void tz_master_set(uint32_t base, uint32_t value, uint32_t ns)
	{
	if (ns == SECURE_MASTER) {
	mmio_write_32(base + 4, value);
	} else {
	mmio_write_32(base, value);
	}
	}

	/*
	* Initialize the secure environment for sdio.
	*/
	void plat_tz_sdio_ns_master_set(uint32_t ns)
	{
	tz_master_set(TZPC1_MASTER_NS_BASE,
	1 << TZPC1_SDIO0_BIT,
	ns);
	}

	/*
	* Initialize the secure environment for usb.
	*/
	void plat_tz_usb_ns_master_set(uint32_t ns)
	{
	tz_master_set(TZPC1_MASTER_NS_BASE,
	1 << TZPC1_USB2H0_BIT,
	ns);
	}

	/*
	* Set masters to default configuration.
	*
	* DMA security settings are programmed into the PL-330 controller and
	* are not set by iProc TZPC registers.
	* DMA always comes up as secure master (*NS bit is 0).
	*
	* Because the default reset values of TZPC are 0 (== Secure),
	* ARM Verilog code makes all masters, including PCIe, come up as
	* secure.
	* However, SOTP has a bit called SOTP_ALLMASTER_NS that overrides
	* TZPC and makes all masters non-secure for AB devices.
	*
	* Hence we first set all the TZPC bits to program all masters,
	* including PCIe, as non-secure, then set the CLEAR_ALLMASTER_NS bit
	* so that the SOTP_ALLMASTER_NS cannot override TZPC.
	* now security settings for each masters come from TZPC
	* (which makes all masters other than DMA as non-secure).
	*
	* During the boot, all masters other than DMA Ctrlr + list
	* are non-secure in an AB Prod/AB Dev/AB Pending device.
	*
	*/
	void plat_tz_master_default_cfg(void)
	{
	int i;

	/* Configure default secure and non-secure TZ Masters */
	for (i = 0; i < ARRAY_SIZE(tz_master_defaults); i++) {
	tz_master_set(tz_master_defaults[i].addr,
	tz_master_defaults[i].val,
	SECURE_MASTER);
	tz_master_set(tz_master_defaults[i].addr,
	~tz_master_defaults[i].val,
	NS_MASTER);
	}

	/* Clear all master NS */
	mmio_setbits_32(SOTP_CHIP_CTRL,
	1 << SOTP_CLEAR_SYSCTRL_ALL_MASTER_NS);

	/* Initialize TZ controller and Set SRAM to secure */
	bcm_tzc_setup();
	}