Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 1 | /* |
Roberto Vargas | 2ca18d9 | 2018-02-12 12:36:17 +0000 | [diff] [blame] | 2 | * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved. |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 3 | * |
dp-arm | fa3cf0b | 2017-05-03 09:38:09 +0100 | [diff] [blame] | 4 | * SPDX-License-Identifier: BSD-3-Clause |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 5 | */ |
| 6 | |
Antonio Nino Diaz | e0f9063 | 2018-12-14 00:18:21 +0000 | [diff] [blame] | 7 | #include <platform_def.h> |
| 8 | |
| 9 | #include <common/debug.h> |
| 10 | #include <drivers/arm/tzc400.h> |
| 11 | |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 12 | #include <arm_def.h> |
Antonio Nino Diaz | 7289f92 | 2017-11-09 11:34:09 +0000 | [diff] [blame] | 13 | #include <arm_spm_def.h> |
Roberto Vargas | 2ca18d9 | 2018-02-12 12:36:17 +0000 | [diff] [blame] | 14 | #include <plat_arm.h> |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 15 | |
| 16 | /* Weak definitions may be overridden in specific ARM standard platform */ |
| 17 | #pragma weak plat_arm_security_setup |
| 18 | |
| 19 | |
| 20 | /******************************************************************************* |
| 21 | * Initialize the TrustZone Controller for ARM standard platforms. |
Sandrine Bailleux | 03897bb | 2015-11-26 16:31:34 +0000 | [diff] [blame] | 22 | * When booting an EL3 payload, this is simplified: we configure region 0 with |
| 23 | * secure access only and do not enable any other region. |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 24 | ******************************************************************************/ |
Summer Qin | 5ce394c | 2018-03-12 11:28:26 +0800 | [diff] [blame] | 25 | void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions) |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 26 | { |
Summer Qin | 5ce394c | 2018-03-12 11:28:26 +0800 | [diff] [blame] | 27 | #ifndef EL3_PAYLOAD_BASE |
Antonio Nino Diaz | 5f47579 | 2018-10-15 14:58:11 +0100 | [diff] [blame] | 28 | unsigned int region_index = 1U; |
Summer Qin | 5ce394c | 2018-03-12 11:28:26 +0800 | [diff] [blame] | 29 | const arm_tzc_regions_info_t *p; |
| 30 | const arm_tzc_regions_info_t init_tzc_regions[] = { |
| 31 | ARM_TZC_REGIONS_DEF, |
| 32 | {0} |
| 33 | }; |
| 34 | #endif |
| 35 | |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 36 | INFO("Configuring TrustZone Controller\n"); |
| 37 | |
Soby Mathew | 9c708b5 | 2016-02-26 14:23:19 +0000 | [diff] [blame] | 38 | tzc400_init(PLAT_ARM_TZC_BASE); |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 39 | |
| 40 | /* Disable filters. */ |
Soby Mathew | 9c708b5 | 2016-02-26 14:23:19 +0000 | [diff] [blame] | 41 | tzc400_disable_filters(); |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 42 | |
Sandrine Bailleux | 03897bb | 2015-11-26 16:31:34 +0000 | [diff] [blame] | 43 | #ifndef EL3_PAYLOAD_BASE |
Summer Qin | 5ce394c | 2018-03-12 11:28:26 +0800 | [diff] [blame] | 44 | if (tzc_regions == NULL) |
| 45 | p = init_tzc_regions; |
| 46 | else |
| 47 | p = tzc_regions; |
Soby Mathew | 7e4d665 | 2017-05-10 11:50:30 +0100 | [diff] [blame] | 48 | |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 49 | /* Region 0 set to no access by default */ |
Soby Mathew | 9c708b5 | 2016-02-26 14:23:19 +0000 | [diff] [blame] | 50 | tzc400_configure_region0(TZC_REGION_S_NONE, 0); |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 51 | |
Summer Qin | 5ce394c | 2018-03-12 11:28:26 +0800 | [diff] [blame] | 52 | /* Rest Regions set according to tzc_regions array */ |
| 53 | for (; p->base != 0ULL; p++) { |
| 54 | tzc400_configure_region(PLAT_ARM_TZC_FILTERS, region_index, |
| 55 | p->base, p->end, p->sec_attr, p->nsaid_permissions); |
| 56 | region_index++; |
| 57 | } |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 58 | |
Antonio Nino Diaz | 5f47579 | 2018-10-15 14:58:11 +0100 | [diff] [blame] | 59 | INFO("Total %u regions set.\n", region_index); |
Antonio Nino Diaz | 7289f92 | 2017-11-09 11:34:09 +0000 | [diff] [blame] | 60 | |
| 61 | #else /* if defined(EL3_PAYLOAD_BASE) */ |
| 62 | |
Soby Mathew | 15b149e | 2017-11-13 08:29:45 +0000 | [diff] [blame] | 63 | /* Allow Secure and Non-secure access to DRAM for EL3 payloads */ |
| 64 | tzc400_configure_region0(TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS); |
Antonio Nino Diaz | 7289f92 | 2017-11-09 11:34:09 +0000 | [diff] [blame] | 65 | |
Sandrine Bailleux | 03897bb | 2015-11-26 16:31:34 +0000 | [diff] [blame] | 66 | #endif /* EL3_PAYLOAD_BASE */ |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 67 | |
| 68 | /* |
| 69 | * Raise an exception if a NS device tries to access secure memory |
| 70 | * TODO: Add interrupt handling support. |
| 71 | */ |
Soby Mathew | 9c708b5 | 2016-02-26 14:23:19 +0000 | [diff] [blame] | 72 | tzc400_set_action(TZC_ACTION_ERR); |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 73 | |
| 74 | /* Enable filters. */ |
Soby Mathew | 9c708b5 | 2016-02-26 14:23:19 +0000 | [diff] [blame] | 75 | tzc400_enable_filters(); |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 76 | } |
| 77 | |
| 78 | void plat_arm_security_setup(void) |
| 79 | { |
Summer Qin | 5ce394c | 2018-03-12 11:28:26 +0800 | [diff] [blame] | 80 | arm_tzc400_setup(NULL); |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 81 | } |