1 /*
2 * Copyright 2021 NXP
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8 #include <common/debug.h>
9
10 #include <plat_tzc400.h>
11
12 #pragma weak populate_tzc400_reg_list
13
14 #ifdef DEFAULT_TZASC_CONFIG
15 /*
16 * Typical Memory map of DRAM0
17 * |-----------NXP_NS_DRAM_ADDR ( = NXP_DRAM0_ADDR)----------|
18 * | |
19 * | |
20 * | Non-SECURE REGION |
21 * | |
22 * | |
23 * | |
24 * |------- (NXP_NS_DRAM_ADDR + NXP_NS_DRAM_SIZE - 1) -------|
25 * |-----------------NXP_SECURE_DRAM_ADDR--------------------|
26 * | |
27 * | |
28 * | |
29 * | SECURE REGION (= 64MB) |
30 * | |
31 * | |
32 * | |
33 * |--- (NXP_SECURE_DRAM_ADDR + NXP_SECURE_DRAM_SIZE - 1)----|
34 * |-----------------NXP_SP_SHRD_DRAM_ADDR-------------------|
35 * | |
36 * | Secure EL1 Payload SHARED REGION (= 2MB) |
37 * | |
38 * |-----------(NXP_DRAM0_ADDR + NXP_DRAM0_SIZE - 1)---------|
39 *
40 *
41 *
42 * Typical Memory map of DRAM1
43 * |---------------------NXP_DRAM1_ADDR----------------------|
44 * | |
45 * | |
46 * | Non-SECURE REGION |
47 * | |
48 * | |
49 * |---(NXP_DRAM1_ADDR + Dynamically calculated Size - 1) ---|
50 *
51 *
52 * Typical Memory map of DRAM2
53 * |---------------------NXP_DRAM2_ADDR----------------------|
54 * | |
55 * | |
56 * | Non-SECURE REGION |
57 * | |
58 * | |
59 * |---(NXP_DRAM2_ADDR + Dynamically calculated Size - 1) ---|
60 */
61
62 /*****************************************************************************
63 * This function sets up access permissions on memory regions
64 *
65 * Input:
66 * tzc400_reg_list : TZC400 Region List
67 * dram_idx : DRAM index
68 * list_idx : TZC400 Region List Index
69 * dram_start_addr : Start address of DRAM at dram_idx.
70 * dram_size : Size of DRAM at dram_idx.
71 * secure_dram_sz : Secure DRAM Size
72 * shrd_dram_sz : Shared DRAM Size
73 *
74 * Out:
75 * list_idx : last populated index + 1
76 *
77 ****************************************************************************/
populate_tzc400_reg_list(struct tzc400_reg * tzc400_reg_list,int dram_idx,int list_idx,uint64_t dram_start_addr,uint64_t dram_size,uint32_t secure_dram_sz,uint32_t shrd_dram_sz)78 int populate_tzc400_reg_list(struct tzc400_reg *tzc400_reg_list,
79 int dram_idx, int list_idx,
80 uint64_t dram_start_addr,
81 uint64_t dram_size,
82 uint32_t secure_dram_sz,
83 uint32_t shrd_dram_sz)
84 {
85 if (list_idx == 0) {
86 /* No need to configure TZC Region 0 in this list.
87 */
88 list_idx++;
89 }
90 /* Continue with list entries for index > 0 */
91 if (dram_idx == 0) {
92 /* TZC Region 1 on DRAM0 for Secure Memory*/
93 tzc400_reg_list[list_idx].reg_filter_en = 1;
94 tzc400_reg_list[list_idx].start_addr = dram_start_addr + dram_size;
95 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
96 + secure_dram_sz - 1;
97 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
98 tzc400_reg_list[list_idx].nsaid_permissions = TZC_REGION_NS_NONE;
99 list_idx++;
100
101 /* TZC Region 2 on DRAM0 for Shared Memory*/
102 tzc400_reg_list[list_idx].reg_filter_en = 1;
103 tzc400_reg_list[list_idx].start_addr = dram_start_addr + dram_size
104 + secure_dram_sz;
105 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
106 + secure_dram_sz
107 + shrd_dram_sz
108 - 1;
109 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
110 tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID;
111 list_idx++;
112
113 /* TZC Region 3 on DRAM0 for Non-Secure Memory*/
114 tzc400_reg_list[list_idx].reg_filter_en = 1;
115 tzc400_reg_list[list_idx].start_addr = dram_start_addr;
116 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
117 - 1;
118 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
119 tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID;
120 list_idx++;
121 } else {
122 /* TZC Region 3+i on DRAM(> 0) for Non-Secure Memory*/
123 tzc400_reg_list[list_idx].reg_filter_en = 1;
124 tzc400_reg_list[list_idx].start_addr = dram_start_addr;
125 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
126 - 1;
127 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
128 tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID;
129 list_idx++;
130 }
131
132 return list_idx;
133 }
134 #else
populate_tzc400_reg_list(struct tzc400_reg * tzc400_reg_list,int dram_idx,int list_idx,uint64_t dram_start_addr,uint64_t dram_size,uint32_t secure_dram_sz,uint32_t shrd_dram_sz)135 int populate_tzc400_reg_list(struct tzc400_reg *tzc400_reg_list,
136 int dram_idx, int list_idx,
137 uint64_t dram_start_addr,
138 uint64_t dram_size,
139 uint32_t secure_dram_sz,
140 uint32_t shrd_dram_sz)
141 {
142 ERROR("tzc400_reg_list used is not a default list\n");
143 ERROR("%s needs to be over-written.\n", __func__);
144 return 0;
145 }
146 #endif /* DEFAULT_TZASC_CONFIG */
147
148 /*******************************************************************************
149 * Configure memory access permissions
150 * - Region 0 with no access;
151 * - Region 1 to 4 as per the tzc400_reg_list populated by
152 * function populate_tzc400_reg_list() with default for all the SoC.
153 ******************************************************************************/
mem_access_setup(uintptr_t base,uint32_t total_regions,struct tzc400_reg * tzc400_reg_list)154 void mem_access_setup(uintptr_t base, uint32_t total_regions,
155 struct tzc400_reg *tzc400_reg_list)
156 {
157 uint32_t list_indx = 0U;
158
159 INFO("Configuring TrustZone Controller\n");
160
161 tzc400_init(base);
162
163 /* Disable filters. */
164 tzc400_disable_filters();
165
166 /* Region 0 set to no access by default */
167 tzc400_configure_region0(TZC_REGION_S_NONE, 0U);
168
169 for (list_indx = 1U; list_indx < total_regions; list_indx++) {
170 tzc400_configure_region(
171 tzc400_reg_list[list_indx].reg_filter_en,
172 list_indx,
173 tzc400_reg_list[list_indx].start_addr,
174 tzc400_reg_list[list_indx].end_addr,
175 tzc400_reg_list[list_indx].sec_attr,
176 tzc400_reg_list[list_indx].nsaid_permissions);
177 }
178
179 /*
180 * Raise an exception if a NS device tries to access secure memory
181 * TODO: Add interrupt handling support.
182 */
183 tzc400_set_action(TZC_ACTION_ERR);
184
185 /* Enable filters. */
186 tzc400_enable_filters();
187 }
188