1 /*
2 * Copyright (c) 2015-2021, Renesas Electronics Corporation. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <lib/mmio.h>
8 #include <lib/utils_def.h>
9
10 #include "axi_registers.h"
11 #include "lifec_registers.h"
12 #include "micro_delay.h"
13
14 static void lifec_security_setting(void);
15 static void axi_security_setting(void);
16
17 static const struct {
18 uint32_t reg;
19 uint32_t val;
20 } lifec[] = {
21 /*
22 * LIFEC0 (SECURITY) settings
23 * Security attribute setting for master ports
24 * Bit 0: ARM realtime core (Cortex-R7) master port
25 * 0: Non-Secure
26 */
27 { SEC_SRC, 0x0000001EU },
28 /*
29 * Security attribute setting for slave ports 0 to 15
30 * {SEC_SEL0, 0xFFFFFFFFU},
31 * {SEC_SEL1, 0xFFFFFFFFU},
32 * {SEC_SEL2, 0xFFFFFFFFU},
33 * Bit19: AXI-Bus (Main Memory domain AXI) slave ports
34 * 0: registers accessed from secure resource only
35 * Bit 9: DBSC4 register access slave ports.
36 * 0: registers accessed from secure resource only.
37 */
38 #if (LIFEC_DBSC_PROTECT_ENABLE == 1)
39 { SEC_SEL3, 0xFFF7FDFFU },
40 #else /* LIFEC_DBSC_PROTECT_ENABLE == 1 */
41 { SEC_SEL3, 0xFFFFFFFFU },
42 #endif /* LIFEC_DBSC_PROTECT_ENABLE == 1 */
43 /*
44 * {SEC_SEL4, 0xFFFFFFFFU},
45 * Bit 6: Boot ROM slave ports.
46 * 0: registers accessed from secure resource only
47 */
48 { SEC_SEL5, 0xFFFFFFBFU },
49 /*
50 * Bit13: SCEG PKA (secure APB) slave ports
51 * 0: registers accessed from secure resource only
52 * 1: Reserved[R-Car E3/D3]
53 * Bit12: SCEG PKA (public APB) slave ports
54 * 0: registers accessed from secure resource only
55 * 1: Reserved[R-Car E3/D3]
56 * Bit10: SCEG Secure Core slave ports
57 * 0: registers accessed from secure resource only
58 */
59 #if (RCAR_LSI == RCAR_E3) || (RCAR_LSI == RCAR_D3)
60 { SEC_SEL6, 0xFFFFFBFFU },
61 #else /* (RCAR_LSI == RCAR_E3) || (RCAR_LSI == RCAR_D3) */
62 { SEC_SEL6, 0xFFFFCBFFU },
63 #endif /* (RCAR_LSI == RCAR_E3) || (RCAR_LSI == RCAR_D3) */
64 /*
65 * {SEC_SEL7, 0xFFFFFFFFU},
66 * {SEC_SEL8, 0xFFFFFFFFU},
67 * {SEC_SEL9, 0xFFFFFFFFU},
68 * {SEC_SEL10, 0xFFFFFFFFU},
69 * {SEC_SEL11, 0xFFFFFFFFU},
70 * {SEC_SEL12, 0xFFFFFFFFU},
71 * Bit22: RPC slave ports.
72 * 0: registers accessed from secure resource only.
73 */
74 #if (RCAR_RPC_HYPERFLASH_LOCKED == 1)
75 { SEC_SEL13, 0xFFBFFFFFU },
76 #endif /* (RCAR_RPC_HYPERFLASH_LOCKED == 1) */
77 /*
78 * Bit27: System Timer (SCMT) slave ports
79 * 0: registers accessed from secure resource only
80 * Bit26: System Watchdog Timer (SWDT) slave ports
81 * 0: registers accessed from secure resource only
82 */
83 { SEC_SEL14, 0xF3FFFFFFU },
84 /*
85 * Bit13: RST slave ports.
86 * 0: registers accessed from secure resource only
87 * Bit 7: Life Cycle 0 slave ports
88 * 0: registers accessed from secure resource only
89 */
90 { SEC_SEL15, 0xFFFFFF3FU },
91 /*
92 * Security group 0 attribute setting for master ports 0
93 * Security group 1 attribute setting for master ports 0
94 * {SEC_GRP0CR0, 0x00000000U},
95 * {SEC_GRP1CR0, 0x00000000U},
96 * Security group 0 attribute setting for master ports 1
97 * Security group 1 attribute setting for master ports 1
98 * {SEC_GRP0CR1, 0x00000000U},
99 * {SEC_GRP1CR1, 0x00000000U},
100 * Security group 0 attribute setting for master ports 2
101 * Security group 1 attribute setting for master ports 2
102 * Bit17: SCEG Secure Core master ports.
103 * SecurityGroup3
104 */
105 { SEC_GRP0CR2, 0x00020000U },
106 { SEC_GRP1CR2, 0x00020000U },
107 /*
108 * Security group 0 attribute setting for master ports 3
109 * Security group 1 attribute setting for master ports 3
110 * {SEC_GRP0CR3, 0x00000000U},
111 * {SEC_GRP1CR3, 0x00000000U},
112 * Security group 0 attribute setting for slave ports 0
113 * Security group 1 attribute setting for slave ports 0
114 * {SEC_GRP0COND0, 0x00000000U},
115 * {SEC_GRP1COND0, 0x00000000U},
116 * Security group 0 attribute setting for slave ports 1
117 * Security group 1 attribute setting for slave ports 1
118 * {SEC_GRP0COND1, 0x00000000U},
119 * {SEC_GRP1COND1, 0x00000000U},
120 * Security group 0 attribute setting for slave ports 2
121 * Security group 1 attribute setting for slave ports 2
122 * {SEC_GRP0COND2, 0x00000000U},
123 * {SEC_GRP1COND2, 0x00000000U},
124 * Security group 0 attribute setting for slave ports 3
125 * Security group 1 attribute setting for slave ports 3
126 * Bit19: AXI-Bus (Main Memory domain AXI) slave ports.
127 * SecurityGroup3
128 * Bit 9: DBSC4 register access slave ports.
129 * SecurityGroup3
130 */
131 #if (LIFEC_DBSC_PROTECT_ENABLE == 1)
132 { SEC_GRP0COND3, 0x00080200U },
133 { SEC_GRP1COND3, 0x00080200U },
134 #else /* (LIFEC_DBSC_PROTECT_ENABLE == 1) */
135 { SEC_GRP0COND3, 0x00000000U },
136 { SEC_GRP1COND3, 0x00000000U },
137 #endif /* (LIFEC_DBSC_PROTECT_ENABLE == 1) */
138 /*
139 * Security group 0 attribute setting for slave ports 4
140 * Security group 1 attribute setting for slave ports 4
141 * {SEC_GRP0COND4, 0x00000000U},
142 * {SEC_GRP1COND4, 0x00000000U},
143 * Security group 0 attribute setting for slave ports 5
144 * Security group 1 attribute setting for slave ports 5
145 * Bit 6: Boot ROM slave ports
146 * SecurityGroup3
147 */
148 { SEC_GRP0COND5, 0x00000040U },
149 { SEC_GRP1COND5, 0x00000040U },
150 /*
151 * Security group 0 attribute setting for slave ports 6
152 * Security group 1 attribute setting for slave ports 6
153 * Bit13: SCEG PKA (secure APB) slave ports
154 * SecurityGroup3
155 * Reserved[R-Car E3/D3]
156 * Bit12: SCEG PKA (public APB) slave ports
157 * SecurityGroup3
158 * Reserved[R-Car E3/D3]
159 * Bit10: SCEG Secure Core slave ports
160 * SecurityGroup3
161 */
162 #if RCAR_LSI == RCAR_E3 || RCAR_LSI == RCAR_D3
163 { SEC_GRP0COND6, 0x00000400U },
164 { SEC_GRP1COND6, 0x00000400U },
165 #else /* RCAR_LSI == RCAR_E3 */
166 { SEC_GRP0COND6, 0x00003400U },
167 { SEC_GRP1COND6, 0x00003400U },
168 #endif /* RCAR_LSI == RCAR_E3 */
169 /*
170 * Security group 0 attribute setting for slave ports 7
171 * Security group 1 attribute setting for slave ports 7
172 * {SEC_GRP0COND7, 0x00000000U},
173 * {SEC_GRP1COND7, 0x00000000U},
174 * Security group 0 attribute setting for slave ports 8
175 * Security group 1 attribute setting for slave ports 8
176 * {SEC_GRP0COND8, 0x00000000U},
177 * {SEC_GRP1COND8, 0x00000000U},
178 * Security group 0 attribute setting for slave ports 9
179 * Security group 1 attribute setting for slave ports 9
180 * {SEC_GRP0COND9, 0x00000000U},
181 * {SEC_GRP1COND9, 0x00000000U},
182 * Security group 0 attribute setting for slave ports 10
183 * Security group 1 attribute setting for slave ports 10
184 * {SEC_GRP0COND10, 0x00000000U},
185 * {SEC_GRP1COND10, 0x00000000U},
186 * Security group 0 attribute setting for slave ports 11
187 * Security group 1 attribute setting for slave ports 11
188 * {SEC_GRP0COND11, 0x00000000U},
189 * {SEC_GRP1COND11, 0x00000000U},
190 * Security group 0 attribute setting for slave ports 12
191 * Security group 1 attribute setting for slave ports 12
192 * {SEC_GRP0COND12, 0x00000000U},
193 * {SEC_GRP1COND12, 0x00000000U},
194 * Security group 0 attribute setting for slave ports 13
195 * Security group 1 attribute setting for slave ports 13
196 * Bit22: RPC slave ports.
197 * SecurityGroup3
198 */
199 #if (RCAR_RPC_HYPERFLASH_LOCKED == 1)
200 { SEC_GRP0COND13, 0x00400000U },
201 { SEC_GRP1COND13, 0x00400000U },
202 #endif /* (RCAR_RPC_HYPERFLASH_LOCKED == 1) */
203 /*
204 * Security group 0 attribute setting for slave ports 14
205 * Security group 1 attribute setting for slave ports 14
206 * Bit26: System Timer (SCMT) slave ports
207 * SecurityGroup3
208 * Bit27: System Watchdog Timer (SWDT) slave ports
209 * SecurityGroup3
210 */
211 { SEC_GRP0COND14, 0x0C000000U },
212 { SEC_GRP1COND14, 0x0C000000U },
213 /*
214 * Security group 0 attribute setting for slave ports 15
215 * Security group 1 attribute setting for slave ports 15
216 * Bit13: RST slave ports
217 * SecurityGroup3
218 * Bit 7: Life Cycle 0 slave ports
219 * SecurityGroup3
220 * Bit 6: TDBG slave ports
221 * SecurityGroup3
222 */
223 { SEC_GRP0COND15, 0x000000C0U },
224 { SEC_GRP1COND15, 0x000000C0U },
225 /*
226 * Security write protection attribute setting slave ports 0
227 * {SEC_READONLY0, 0x00000000U},
228 * Security write protection attribute setting slave ports 1
229 * {SEC_READONLY1, 0x00000000U},
230 * Security write protection attribute setting slave ports 2
231 * {SEC_READONLY2, 0x00000000U},
232 * Security write protection attribute setting slave ports 3
233 * {SEC_READONLY3, 0x00000000U},
234 * Security write protection attribute setting slave ports 4
235 * {SEC_READONLY4, 0x00000000U},
236 * Security write protection attribute setting slave ports 5
237 * {SEC_READONLY5, 0x00000000U},
238 * Security write protection attribute setting slave ports 6
239 * {SEC_READONLY6, 0x00000000U},
240 * Security write protection attribute setting slave ports 7
241 * {SEC_READONLY7, 0x00000000U},
242 * Security write protection attribute setting slave ports 8
243 * {SEC_READONLY8, 0x00000000U},
244 * Security write protection attribute setting slave ports 9
245 * {SEC_READONLY9, 0x00000000U},
246 * Security write protection attribute setting slave ports 10
247 * {SEC_READONLY10, 0x00000000U},
248 * Security write protection attribute setting slave ports 11
249 * {SEC_READONLY11, 0x00000000U},
250 * Security write protection attribute setting slave ports 12
251 * {SEC_READONLY12, 0x00000000U},
252 * Security write protection attribute setting slave ports 13
253 * {SEC_READONLY13, 0x00000000U},
254 * Security write protection attribute setting slave ports 14
255 * {SEC_READONLY14, 0x00000000U},
256 * Security write protection attribute setting slave ports 15
257 * {SEC_READONLY15, 0x00000000U}
258 */
259 };
260
261 /* AXI settings */
262 static const struct {
263 uint32_t reg;
264 uint32_t val;
265 } axi[] = {
266 /*
267 * DRAM protection
268 * AXI dram protected area division
269 */
270 {AXI_DPTDIVCR0, 0x0E0403F0U},
271 {AXI_DPTDIVCR1, 0x0E0407E0U},
272 {AXI_DPTDIVCR2, 0x0E080000U},
273 {AXI_DPTDIVCR3, 0x0E080000U},
274 {AXI_DPTDIVCR4, 0x0E080000U},
275 {AXI_DPTDIVCR5, 0x0E080000U},
276 {AXI_DPTDIVCR6, 0x0E080000U},
277 {AXI_DPTDIVCR7, 0x0E080000U},
278 {AXI_DPTDIVCR8, 0x0E080000U},
279 {AXI_DPTDIVCR9, 0x0E080000U},
280 {AXI_DPTDIVCR10, 0x0E080000U},
281 {AXI_DPTDIVCR11, 0x0E080000U},
282 {AXI_DPTDIVCR12, 0x0E080000U},
283 {AXI_DPTDIVCR13, 0x0E080000U},
284 {AXI_DPTDIVCR14, 0x0E080000U},
285 /* AXI dram protected area setting */
286 {AXI_DPTCR0, 0x0E000000U},
287 {AXI_DPTCR1, 0x0E000E0EU},
288 {AXI_DPTCR2, 0x0E000000U},
289 {AXI_DPTCR3, 0x0E000000U},
290 {AXI_DPTCR4, 0x0E000000U},
291 {AXI_DPTCR5, 0x0E000000U},
292 {AXI_DPTCR6, 0x0E000000U},
293 {AXI_DPTCR7, 0x0E000000U},
294 {AXI_DPTCR8, 0x0E000000U},
295 {AXI_DPTCR9, 0x0E000000U},
296 {AXI_DPTCR10, 0x0E000000U},
297 {AXI_DPTCR11, 0x0E000000U},
298 {AXI_DPTCR12, 0x0E000000U},
299 {AXI_DPTCR13, 0x0E000000U},
300 {AXI_DPTCR14, 0x0E000000U},
301 {AXI_DPTCR15, 0x0E000000U},
302 /*
303 * SRAM ptotection
304 * AXI sram protected area division
305 */
306 {AXI_SPTDIVCR0, 0x0E0E6304U},
307 {AXI_SPTDIVCR1, 0x0E0E6360U},
308 {AXI_SPTDIVCR2, 0x0E0E6360U},
309 {AXI_SPTDIVCR3, 0x0E0E6360U},
310 {AXI_SPTDIVCR4, 0x0E0E6360U},
311 {AXI_SPTDIVCR5, 0x0E0E6360U},
312 {AXI_SPTDIVCR6, 0x0E0E6360U},
313 {AXI_SPTDIVCR7, 0x0E0E6360U},
314 {AXI_SPTDIVCR8, 0x0E0E6360U},
315 {AXI_SPTDIVCR9, 0x0E0E6360U},
316 {AXI_SPTDIVCR10, 0x0E0E6360U},
317 {AXI_SPTDIVCR11, 0x0E0E6360U},
318 {AXI_SPTDIVCR12, 0x0E0E6360U},
319 {AXI_SPTDIVCR13, 0x0E0E6360U},
320 {AXI_SPTDIVCR14, 0x0E0E6360U},
321 /* AXI sram protected area setting */
322 {AXI_SPTCR0, 0x0E000E0EU},
323 {AXI_SPTCR1, 0x0E000000U},
324 {AXI_SPTCR2, 0x0E000000U},
325 {AXI_SPTCR3, 0x0E000000U},
326 {AXI_SPTCR4, 0x0E000000U},
327 {AXI_SPTCR5, 0x0E000000U},
328 {AXI_SPTCR6, 0x0E000000U},
329 {AXI_SPTCR7, 0x0E000000U},
330 {AXI_SPTCR8, 0x0E000000U},
331 {AXI_SPTCR9, 0x0E000000U},
332 {AXI_SPTCR10, 0x0E000000U},
333 {AXI_SPTCR11, 0x0E000000U},
334 {AXI_SPTCR12, 0x0E000000U},
335 {AXI_SPTCR13, 0x0E000000U},
336 {AXI_SPTCR14, 0x0E000000U},
337 {AXI_SPTCR15, 0x0E000000U}
338 };
339
lifec_security_setting(void)340 static void lifec_security_setting(void)
341 {
342 uint32_t i;
343
344 for (i = 0; i < ARRAY_SIZE(lifec); i++)
345 mmio_write_32(lifec[i].reg, lifec[i].val);
346 }
347
348 /* SRAM/DRAM protection setting */
axi_security_setting(void)349 static void axi_security_setting(void)
350 {
351 uint32_t i;
352
353 for (i = 0; i < ARRAY_SIZE(axi); i++)
354 mmio_write_32(axi[i].reg, axi[i].val);
355 }
356
bl2_secure_setting(void)357 void bl2_secure_setting(void)
358 {
359 lifec_security_setting();
360 axi_security_setting();
361 rcar_micro_delay(10U);
362 }
363