andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
arm-trusted-firmware/plat/renesas/rcar/bl2_secure_setting.c

353 lines
15 KiB
C
Raw Normal View History

rcar-gen3: initial commit for the rcar-gen3 boards Reference code: ============== rar_gen3: IPL and Secure Monitor Rev1.0.22 https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3] Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com> Date: Thu Aug 30 21:26:41 2018 +0900 Update IPL and Secure Monitor Rev1.0.22 General Information: =================== This port has been tested on the Salvator-X Soc_id r8a7795 revision ES1.1 (uses an SPD). Build Tested: ------------- ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1" MBEDTLS_DIR=$mbedtls $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed Other dependencies: ------------------ * mbed_tls: git@github.com:ARMmbed/mbedtls.git [devel] Merge: 68dbc94 f34a4c1 Author: Simon Butcher <simon.butcher@arm.com> Date: Thu Aug 30 00:57:28 2018 +0100 * optee_os: https://github.com/BayLibre/optee_os Until it gets merged into OP-TEE, the port requires Renesas' Trusted Environment with a modification to support power management. Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com> Date: Thu Aug 30 16:49:49 2018 +0200 plat-rcar: cpu-suspend: handle the power level Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com> * u-boot: The port has beent tested using mainline uboot. Author: Fabio Estevam <festevam@gmail.com> Date: Tue Sep 4 10:23:12 2018 -0300 *linux: The port has beent tested using mainline kernel. Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Sun Sep 16 11:52:37 2018 -0700 Linux 4.19-rc4 Overview --------- BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered at this exception level (the Renesas' ATF reference tree [1] resets into EL1 before entering BL2 - see its bl2.ld.S) BL2 initializes DDR (and i2c to talk to the PMIC on some platforms) before determining the boot reason (cold or warm). During suspend all CPUs are switched off and the DDR is put in backup mode (some kind of self-refresh mode). This means that BL2 is always entered in a cold boot scenario. Once BL2 boots, it determines the boot reason, writes it to shared memory (BOOT_KIND_BASE) together with the BL31 parameters (PARAMS_BASE) and jumps to BL31. To all effects, BL31 is as if it is being entered in reset mode since it still needs to initialize the rest of the cores; this is the reason behind using direct shared memory access to BOOT_KIND_BASE and PARAMS_BASE instead of using registers to get to those locations (see el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use case). Depending on the boot reason BL31 initializes the rest of the cores: in case of suspend, it uses a MBOX memory region to recover the program counters. [1] https://github.com/renesas-rcar/arm-trusted-firmware Tests ----- * cpuidle ------- enable kernel's cpuidle arm_idle driver and boot * system suspend -------------- $ cat suspend.sh #!/bin/bash i2cset -f -y 7 0x30 0x20 0x0F read -p "Switch off SW23 and press return " foo echo mem > /sys/power/state * cpu hotplug: ------------ $ cat offline.sh #!/bin/bash nbr=$1 echo 0 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline $ cat online.sh #!/bin/bash nbr=$1 echo 1 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline Signed-off-by: ldts <jramirez@baylibre.com>
2018-09-23 08:36:13 +01:00
/*
* Copyright (c) 2015-2018, Renesas Electronics Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
Sanitise includes across codebase Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928d5b7 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3a282 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca33988b9 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-14 00:18:21 +00:00
#include <lib/mmio.h>
#include <lib/utils_def.h>
rcar-gen3: initial commit for the rcar-gen3 boards Reference code: ============== rar_gen3: IPL and Secure Monitor Rev1.0.22 https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3] Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com> Date: Thu Aug 30 21:26:41 2018 +0900 Update IPL and Secure Monitor Rev1.0.22 General Information: =================== This port has been tested on the Salvator-X Soc_id r8a7795 revision ES1.1 (uses an SPD). Build Tested: ------------- ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1" MBEDTLS_DIR=$mbedtls $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed Other dependencies: ------------------ * mbed_tls: git@github.com:ARMmbed/mbedtls.git [devel] Merge: 68dbc94 f34a4c1 Author: Simon Butcher <simon.butcher@arm.com> Date: Thu Aug 30 00:57:28 2018 +0100 * optee_os: https://github.com/BayLibre/optee_os Until it gets merged into OP-TEE, the port requires Renesas' Trusted Environment with a modification to support power management. Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com> Date: Thu Aug 30 16:49:49 2018 +0200 plat-rcar: cpu-suspend: handle the power level Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com> * u-boot: The port has beent tested using mainline uboot. Author: Fabio Estevam <festevam@gmail.com> Date: Tue Sep 4 10:23:12 2018 -0300 *linux: The port has beent tested using mainline kernel. Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Sun Sep 16 11:52:37 2018 -0700 Linux 4.19-rc4 Overview --------- BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered at this exception level (the Renesas' ATF reference tree [1] resets into EL1 before entering BL2 - see its bl2.ld.S) BL2 initializes DDR (and i2c to talk to the PMIC on some platforms) before determining the boot reason (cold or warm). During suspend all CPUs are switched off and the DDR is put in backup mode (some kind of self-refresh mode). This means that BL2 is always entered in a cold boot scenario. Once BL2 boots, it determines the boot reason, writes it to shared memory (BOOT_KIND_BASE) together with the BL31 parameters (PARAMS_BASE) and jumps to BL31. To all effects, BL31 is as if it is being entered in reset mode since it still needs to initialize the rest of the cores; this is the reason behind using direct shared memory access to BOOT_KIND_BASE and PARAMS_BASE instead of using registers to get to those locations (see el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use case). Depending on the boot reason BL31 initializes the rest of the cores: in case of suspend, it uses a MBOX memory region to recover the program counters. [1] https://github.com/renesas-rcar/arm-trusted-firmware Tests ----- * cpuidle ------- enable kernel's cpuidle arm_idle driver and boot * system suspend -------------- $ cat suspend.sh #!/bin/bash i2cset -f -y 7 0x30 0x20 0x0F read -p "Switch off SW23 and press return " foo echo mem > /sys/power/state * cpu hotplug: ------------ $ cat offline.sh #!/bin/bash nbr=$1 echo 0 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline $ cat online.sh #!/bin/bash nbr=$1 echo 1 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline Signed-off-by: ldts <jramirez@baylibre.com>
2018-09-23 08:36:13 +01:00
#include "axi_registers.h"
#include "lifec_registers.h"
#include "micro_delay.h"
static void lifec_security_setting(void);
static void axi_security_setting(void);
static const struct {
uint32_t reg;
uint32_t val;
} lifec[] = {
/** LIFEC0 (SECURITY) settings */
/* Security attribute setting for master ports */
/* Bit 0: ARM realtime core (Cortex-R7) master port */
/* 0: Non-Secure */
{
SEC_SRC, 0x0000001EU},
/** Security attribute setting for slave ports 0 to 15 */
/* {SEC_SEL0, 0xFFFFFFFFU}, */
/* {SEC_SEL1, 0xFFFFFFFFU}, */
/* {SEC_SEL2, 0xFFFFFFFFU}, */
/* Bit19: AXI-Bus (Main Memory domain AXI) slave ports */
/* 0: registers accessed from secure resource only */
/* Bit 9: DBSC4 register access slave ports. */
/* 0: registers accessed from secure resource only. */
#if (LIFEC_DBSC_PROTECT_ENABLE == 1)
{
SEC_SEL3, 0xFFF7FDFFU},
#else
{
SEC_SEL3, 0xFFFFFFFFU},
#endif
/* {SEC_SEL4, 0xFFFFFFFFU}, */
/* Bit 6: Boot ROM slave ports. */
/* 0: registers accessed from secure resource only */
{
SEC_SEL5, 0xFFFFFFBFU},
/* Bit13: SCEG PKA (secure APB) slave ports */
/* 0: registers accessed from secure resource only */
/* 1: Reserved[R-Car E3] */
/* Bit12: SCEG PKA (public APB) slave ports */
/* 0: registers accessed from secure resource only */
/* 1: Reserved[R-Car E3] */
/* Bit10: SCEG Secure Core slave ports */
/* 0: registers accessed from secure resource only */
rcar_gen3: plat: Add initial D3 support Add R-Car D3 SoC platform specifics. Driver, PFC, QoS, DDR init code will be added separately. Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
2019-01-05 12:56:03 +00:00
#if (RCAR_LSI == RCAR_E3) || (RCAR_LSI == RCAR_D3)
rcar-gen3: initial commit for the rcar-gen3 boards Reference code: ============== rar_gen3: IPL and Secure Monitor Rev1.0.22 https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3] Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com> Date: Thu Aug 30 21:26:41 2018 +0900 Update IPL and Secure Monitor Rev1.0.22 General Information: =================== This port has been tested on the Salvator-X Soc_id r8a7795 revision ES1.1 (uses an SPD). Build Tested: ------------- ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1" MBEDTLS_DIR=$mbedtls $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed Other dependencies: ------------------ * mbed_tls: git@github.com:ARMmbed/mbedtls.git [devel] Merge: 68dbc94 f34a4c1 Author: Simon Butcher <simon.butcher@arm.com> Date: Thu Aug 30 00:57:28 2018 +0100 * optee_os: https://github.com/BayLibre/optee_os Until it gets merged into OP-TEE, the port requires Renesas' Trusted Environment with a modification to support power management. Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com> Date: Thu Aug 30 16:49:49 2018 +0200 plat-rcar: cpu-suspend: handle the power level Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com> * u-boot: The port has beent tested using mainline uboot. Author: Fabio Estevam <festevam@gmail.com> Date: Tue Sep 4 10:23:12 2018 -0300 *linux: The port has beent tested using mainline kernel. Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Sun Sep 16 11:52:37 2018 -0700 Linux 4.19-rc4 Overview --------- BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered at this exception level (the Renesas' ATF reference tree [1] resets into EL1 before entering BL2 - see its bl2.ld.S) BL2 initializes DDR (and i2c to talk to the PMIC on some platforms) before determining the boot reason (cold or warm). During suspend all CPUs are switched off and the DDR is put in backup mode (some kind of self-refresh mode). This means that BL2 is always entered in a cold boot scenario. Once BL2 boots, it determines the boot reason, writes it to shared memory (BOOT_KIND_BASE) together with the BL31 parameters (PARAMS_BASE) and jumps to BL31. To all effects, BL31 is as if it is being entered in reset mode since it still needs to initialize the rest of the cores; this is the reason behind using direct shared memory access to BOOT_KIND_BASE and PARAMS_BASE instead of using registers to get to those locations (see el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use case). Depending on the boot reason BL31 initializes the rest of the cores: in case of suspend, it uses a MBOX memory region to recover the program counters. [1] https://github.com/renesas-rcar/arm-trusted-firmware Tests ----- * cpuidle ------- enable kernel's cpuidle arm_idle driver and boot * system suspend -------------- $ cat suspend.sh #!/bin/bash i2cset -f -y 7 0x30 0x20 0x0F read -p "Switch off SW23 and press return " foo echo mem > /sys/power/state * cpu hotplug: ------------ $ cat offline.sh #!/bin/bash nbr=$1 echo 0 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline $ cat online.sh #!/bin/bash nbr=$1 echo 1 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline Signed-off-by: ldts <jramirez@baylibre.com>
2018-09-23 08:36:13 +01:00
{
SEC_SEL6, 0xFFFFFBFFU},
#else
{
SEC_SEL6, 0xFFFFCBFFU},
#endif
/* {SEC_SEL7, 0xFFFFFFFFU}, */
/* {SEC_SEL8, 0xFFFFFFFFU}, */
/* {SEC_SEL9, 0xFFFFFFFFU}, */
/* {SEC_SEL10, 0xFFFFFFFFU}, */
/* {SEC_SEL11, 0xFFFFFFFFU}, */
/* {SEC_SEL12, 0xFFFFFFFFU}, */
/* Bit22: RPC slave ports. */
/* 0: registers accessed from secure resource only. */
rcar-gen3: control RPC hyper-flash access RCAR_RPC_HYPERFLASH_LOCKED can be set to 0 as a build option if the user needs to allow u-boot to reprogram the ATF firmware using a FIP image (as a faster alternative of toggling numerous DIP switches on the board and using ascii-xfer of srec files) The code being controlled with this commit should only be re-enabled for debugging (_never_ on a product release) Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez.ortiz@gmail.com>
2018-11-19 18:26:56 +00:00
#if (RCAR_RPC_HYPERFLASH_LOCKED == 1)
{SEC_SEL13, 0xFFBFFFFFU},
#endif
rcar-gen3: initial commit for the rcar-gen3 boards Reference code: ============== rar_gen3: IPL and Secure Monitor Rev1.0.22 https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3] Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com> Date: Thu Aug 30 21:26:41 2018 +0900 Update IPL and Secure Monitor Rev1.0.22 General Information: =================== This port has been tested on the Salvator-X Soc_id r8a7795 revision ES1.1 (uses an SPD). Build Tested: ------------- ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1" MBEDTLS_DIR=$mbedtls $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed Other dependencies: ------------------ * mbed_tls: git@github.com:ARMmbed/mbedtls.git [devel] Merge: 68dbc94 f34a4c1 Author: Simon Butcher <simon.butcher@arm.com> Date: Thu Aug 30 00:57:28 2018 +0100 * optee_os: https://github.com/BayLibre/optee_os Until it gets merged into OP-TEE, the port requires Renesas' Trusted Environment with a modification to support power management. Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com> Date: Thu Aug 30 16:49:49 2018 +0200 plat-rcar: cpu-suspend: handle the power level Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com> * u-boot: The port has beent tested using mainline uboot. Author: Fabio Estevam <festevam@gmail.com> Date: Tue Sep 4 10:23:12 2018 -0300 *linux: The port has beent tested using mainline kernel. Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Sun Sep 16 11:52:37 2018 -0700 Linux 4.19-rc4 Overview --------- BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered at this exception level (the Renesas' ATF reference tree [1] resets into EL1 before entering BL2 - see its bl2.ld.S) BL2 initializes DDR (and i2c to talk to the PMIC on some platforms) before determining the boot reason (cold or warm). During suspend all CPUs are switched off and the DDR is put in backup mode (some kind of self-refresh mode). This means that BL2 is always entered in a cold boot scenario. Once BL2 boots, it determines the boot reason, writes it to shared memory (BOOT_KIND_BASE) together with the BL31 parameters (PARAMS_BASE) and jumps to BL31. To all effects, BL31 is as if it is being entered in reset mode since it still needs to initialize the rest of the cores; this is the reason behind using direct shared memory access to BOOT_KIND_BASE and PARAMS_BASE instead of using registers to get to those locations (see el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use case). Depending on the boot reason BL31 initializes the rest of the cores: in case of suspend, it uses a MBOX memory region to recover the program counters. [1] https://github.com/renesas-rcar/arm-trusted-firmware Tests ----- * cpuidle ------- enable kernel's cpuidle arm_idle driver and boot * system suspend -------------- $ cat suspend.sh #!/bin/bash i2cset -f -y 7 0x30 0x20 0x0F read -p "Switch off SW23 and press return " foo echo mem > /sys/power/state * cpu hotplug: ------------ $ cat offline.sh #!/bin/bash nbr=$1 echo 0 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline $ cat online.sh #!/bin/bash nbr=$1 echo 1 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline Signed-off-by: ldts <jramirez@baylibre.com>
2018-09-23 08:36:13 +01:00
/* Bit27: System Timer (SCMT) slave ports */
/* 0: registers accessed from secure resource only */
/* Bit26: System Watchdog Timer (SWDT) slave ports */
/* 0: registers accessed from secure resource only */
{
SEC_SEL14, 0xF3FFFFFFU},
/* Bit13: RST slave ports. */
/* 0: registers accessed from secure resource only */
/* Bit 7: Life Cycle 0 slave ports */
/* 0: registers accessed from secure resource only */
{
SEC_SEL15, 0xFFFFFF3FU},
/** Security group 0 attribute setting for master ports 0 */
/** Security group 1 attribute setting for master ports 0 */
/* {SEC_GRP0CR0, 0x00000000U}, */
/* {SEC_GRP1CR0, 0x00000000U}, */
/** Security group 0 attribute setting for master ports 1 */
/** Security group 1 attribute setting for master ports 1 */
/* {SEC_GRP0CR1, 0x00000000U}, */
/* {SEC_GRP1CR1, 0x00000000U}, */
/** Security group 0 attribute setting for master ports 2 */
/** Security group 1 attribute setting for master ports 2 */
/* Bit17: SCEG Secure Core master ports. */
/* SecurityGroup3 */
{
SEC_GRP0CR2, 0x00020000U}, {
SEC_GRP1CR2, 0x00020000U},
/** Security group 0 attribute setting for master ports 3 */
/** Security group 1 attribute setting for master ports 3 */
/* {SEC_GRP0CR3, 0x00000000U}, */
/* {SEC_GRP1CR3, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 0 */
/** Security group 1 attribute setting for slave ports 0 */
/* {SEC_GRP0COND0, 0x00000000U}, */
/* {SEC_GRP1COND0, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 1 */
/** Security group 1 attribute setting for slave ports 1 */
/* {SEC_GRP0COND1, 0x00000000U}, */
/* {SEC_GRP1COND1, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 2 */
/** Security group 1 attribute setting for slave ports 2 */
/* {SEC_GRP0COND2, 0x00000000U}, */
/* {SEC_GRP1COND2, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 3 */
/** Security group 1 attribute setting for slave ports 3 */
/* Bit19: AXI-Bus (Main Memory domain AXI) slave ports. */
/* SecurityGroup3 */
/* Bit 9: DBSC4 register access slave ports. */
/* SecurityGroup3 */
#if (LIFEC_DBSC_PROTECT_ENABLE == 1)
{
SEC_GRP0COND3, 0x00080200U}, {
SEC_GRP1COND3, 0x00080200U},
#else
{
SEC_GRP0COND3, 0x00000000U}, {
SEC_GRP1COND3, 0x00000000U},
#endif
/** Security group 0 attribute setting for slave ports 4 */
/** Security group 1 attribute setting for slave ports 4 */
/* {SEC_GRP0COND4, 0x00000000U}, */
/* {SEC_GRP1COND4, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 5 */
/** Security group 1 attribute setting for slave ports 5 */
/* Bit 6: Boot ROM slave ports */
/* SecurityGroup3 */
{
SEC_GRP0COND5, 0x00000040U}, {
SEC_GRP1COND5, 0x00000040U},
/** Security group 0 attribute setting for slave ports 6 */
/** Security group 1 attribute setting for slave ports 6 */
/* Bit13: SCEG PKA (secure APB) slave ports */
/* SecurityGroup3 */
/* Reserved[R-Car E3] */
/* Bit12: SCEG PKA (public APB) slave ports */
/* SecurityGroup3 */
/* Reserved[R-Car E3] */
/* Bit10: SCEG Secure Core slave ports */
/* SecurityGroup3 */
#if RCAR_LSI == RCAR_E3
{
SEC_GRP0COND6, 0x00000400U}, {
SEC_GRP1COND6, 0x00000400U},
#else
{
SEC_GRP0COND6, 0x00003400U}, {
SEC_GRP1COND6, 0x00003400U},
#endif
/** Security group 0 attribute setting for slave ports 7 */
/** Security group 1 attribute setting for slave ports 7 */
/* {SEC_GRP0COND7, 0x00000000U}, */
/* {SEC_GRP1COND7, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 8 */
/** Security group 1 attribute setting for slave ports 8 */
/* {SEC_GRP0COND8, 0x00000000U}, */
/* {SEC_GRP1COND8, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 9 */
/** Security group 1 attribute setting for slave ports 9 */
/* {SEC_GRP0COND9, 0x00000000U}, */
/* {SEC_GRP1COND9, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 10 */
/** Security group 1 attribute setting for slave ports 10 */
/* {SEC_GRP0COND10, 0x00000000U}, */
/* {SEC_GRP1COND10, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 11 */
/** Security group 1 attribute setting for slave ports 11 */
/* {SEC_GRP0COND11, 0x00000000U}, */
/* {SEC_GRP1COND11, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 12 */
/** Security group 1 attribute setting for slave ports 12 */
/* {SEC_GRP0COND12, 0x00000000U}, */
/* {SEC_GRP1COND12, 0x00000000U}, */
/** Security group 0 attribute setting for slave ports 13 */
/** Security group 1 attribute setting for slave ports 13 */
/* Bit22: RPC slave ports. */
/* SecurityGroup3 */
rcar-gen3: control RPC hyper-flash access RCAR_RPC_HYPERFLASH_LOCKED can be set to 0 as a build option if the user needs to allow u-boot to reprogram the ATF firmware using a FIP image (as a faster alternative of toggling numerous DIP switches on the board and using ascii-xfer of srec files) The code being controlled with this commit should only be re-enabled for debugging (_never_ on a product release) Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez.ortiz@gmail.com>
2018-11-19 18:26:56 +00:00
#if (RCAR_RPC_HYPERFLASH_LOCKED == 1)
{SEC_GRP0COND13, 0x00400000U},
{SEC_GRP1COND13, 0x00400000U},
#endif
rcar-gen3: initial commit for the rcar-gen3 boards Reference code: ============== rar_gen3: IPL and Secure Monitor Rev1.0.22 https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3] Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com> Date: Thu Aug 30 21:26:41 2018 +0900 Update IPL and Secure Monitor Rev1.0.22 General Information: =================== This port has been tested on the Salvator-X Soc_id r8a7795 revision ES1.1 (uses an SPD). Build Tested: ------------- ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1" MBEDTLS_DIR=$mbedtls $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed Other dependencies: ------------------ * mbed_tls: git@github.com:ARMmbed/mbedtls.git [devel] Merge: 68dbc94 f34a4c1 Author: Simon Butcher <simon.butcher@arm.com> Date: Thu Aug 30 00:57:28 2018 +0100 * optee_os: https://github.com/BayLibre/optee_os Until it gets merged into OP-TEE, the port requires Renesas' Trusted Environment with a modification to support power management. Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com> Date: Thu Aug 30 16:49:49 2018 +0200 plat-rcar: cpu-suspend: handle the power level Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com> * u-boot: The port has beent tested using mainline uboot. Author: Fabio Estevam <festevam@gmail.com> Date: Tue Sep 4 10:23:12 2018 -0300 *linux: The port has beent tested using mainline kernel. Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Sun Sep 16 11:52:37 2018 -0700 Linux 4.19-rc4 Overview --------- BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered at this exception level (the Renesas' ATF reference tree [1] resets into EL1 before entering BL2 - see its bl2.ld.S) BL2 initializes DDR (and i2c to talk to the PMIC on some platforms) before determining the boot reason (cold or warm). During suspend all CPUs are switched off and the DDR is put in backup mode (some kind of self-refresh mode). This means that BL2 is always entered in a cold boot scenario. Once BL2 boots, it determines the boot reason, writes it to shared memory (BOOT_KIND_BASE) together with the BL31 parameters (PARAMS_BASE) and jumps to BL31. To all effects, BL31 is as if it is being entered in reset mode since it still needs to initialize the rest of the cores; this is the reason behind using direct shared memory access to BOOT_KIND_BASE and PARAMS_BASE instead of using registers to get to those locations (see el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use case). Depending on the boot reason BL31 initializes the rest of the cores: in case of suspend, it uses a MBOX memory region to recover the program counters. [1] https://github.com/renesas-rcar/arm-trusted-firmware Tests ----- * cpuidle ------- enable kernel's cpuidle arm_idle driver and boot * system suspend -------------- $ cat suspend.sh #!/bin/bash i2cset -f -y 7 0x30 0x20 0x0F read -p "Switch off SW23 and press return " foo echo mem > /sys/power/state * cpu hotplug: ------------ $ cat offline.sh #!/bin/bash nbr=$1 echo 0 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline $ cat online.sh #!/bin/bash nbr=$1 echo 1 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline Signed-off-by: ldts <jramirez@baylibre.com>
2018-09-23 08:36:13 +01:00
/** Security group 0 attribute setting for slave ports 14 */
/** Security group 1 attribute setting for slave ports 14 */
/* Bit26: System Timer (SCMT) slave ports */
/* SecurityGroup3 */
/* Bit27: System Watchdog Timer (SWDT) slave ports */
/* SecurityGroup3 */
{
SEC_GRP0COND14, 0x0C000000U}, {
SEC_GRP1COND14, 0x0C000000U},
/** Security group 0 attribute setting for slave ports 15 */
/** Security group 1 attribute setting for slave ports 15 */
/* Bit13: RST slave ports */
/* SecurityGroup3 */
/* Bit 7: Life Cycle 0 slave ports */
/* SecurityGroup3 */
/* Bit 6: TDBG slave ports */
/* SecurityGroup3 */
{
SEC_GRP0COND15, 0x000000C0U}, {
SEC_GRP1COND15, 0x000000C0U},
/** Security write protection attribute setting slave ports 0 */
/* {SEC_READONLY0, 0x00000000U}, */
/** Security write protection attribute setting slave ports 1 */
/* {SEC_READONLY1, 0x00000000U}, */
/** Security write protection attribute setting slave ports 2 */
/* {SEC_READONLY2, 0x00000000U}, */
/** Security write protection attribute setting slave ports 3 */
/* {SEC_READONLY3, 0x00000000U}, */
/** Security write protection attribute setting slave ports 4 */
/* {SEC_READONLY4, 0x00000000U}, */
/** Security write protection attribute setting slave ports 5 */
/* {SEC_READONLY5, 0x00000000U}, */
/** Security write protection attribute setting slave ports 6 */
/* {SEC_READONLY6, 0x00000000U}, */
/** Security write protection attribute setting slave ports 7 */
/* {SEC_READONLY7, 0x00000000U}, */
/** Security write protection attribute setting slave ports 8 */
/* {SEC_READONLY8, 0x00000000U}, */
/** Security write protection attribute setting slave ports 9 */
/* {SEC_READONLY9, 0x00000000U}, */
/** Security write protection attribute setting slave ports 10 */
/* {SEC_READONLY10, 0x00000000U}, */
/** Security write protection attribute setting slave ports 11 */
/* {SEC_READONLY11, 0x00000000U}, */
/** Security write protection attribute setting slave ports 12 */
/* {SEC_READONLY12, 0x00000000U}, */
/** Security write protection attribute setting slave ports 13 */
/* {SEC_READONLY13, 0x00000000U}, */
/** Security write protection attribute setting slave ports 14 */
/* {SEC_READONLY14, 0x00000000U}, */
/** Security write protection attribute setting slave ports 15 */
/* {SEC_READONLY15, 0x00000000U} */
};
/* AXI settings */
static const struct {
uint32_t reg;
uint32_t val;
} axi[] = {
/* DRAM protection */
/* AXI dram protected area division */
{
AXI_DPTDIVCR0, 0x0E0403F0U}, {
AXI_DPTDIVCR1, 0x0E0407E0U}, {
AXI_DPTDIVCR2, 0x0E080000U}, {
AXI_DPTDIVCR3, 0x0E080000U}, {
AXI_DPTDIVCR4, 0x0E080000U}, {
AXI_DPTDIVCR5, 0x0E080000U}, {
AXI_DPTDIVCR6, 0x0E080000U}, {
AXI_DPTDIVCR7, 0x0E080000U}, {
AXI_DPTDIVCR8, 0x0E080000U}, {
AXI_DPTDIVCR9, 0x0E080000U}, {
AXI_DPTDIVCR10, 0x0E080000U}, {
AXI_DPTDIVCR11, 0x0E080000U}, {
AXI_DPTDIVCR12, 0x0E080000U}, {
AXI_DPTDIVCR13, 0x0E080000U}, {
AXI_DPTDIVCR14, 0x0E080000U},
/* AXI dram protected area setting */
{
AXI_DPTCR0, 0x0E000000U}, {
AXI_DPTCR1, 0x0E000E0EU}, {
AXI_DPTCR2, 0x0E000000U}, {
AXI_DPTCR3, 0x0E000000U}, {
AXI_DPTCR4, 0x0E000000U}, {
AXI_DPTCR5, 0x0E000000U}, {
AXI_DPTCR6, 0x0E000000U}, {
AXI_DPTCR7, 0x0E000000U}, {
AXI_DPTCR8, 0x0E000000U}, {
AXI_DPTCR9, 0x0E000000U}, {
AXI_DPTCR10, 0x0E000000U}, {
AXI_DPTCR11, 0x0E000000U}, {
AXI_DPTCR12, 0x0E000000U}, {
AXI_DPTCR13, 0x0E000000U}, {
AXI_DPTCR14, 0x0E000000U}, {
AXI_DPTCR15, 0x0E000000U},
/* SRAM ptotection */
/* AXI sram protected area division */
{
AXI_SPTDIVCR0, 0x0E0E6304U}, {
AXI_SPTDIVCR1, 0x0E0E6360U}, {
AXI_SPTDIVCR2, 0x0E0E6360U}, {
AXI_SPTDIVCR3, 0x0E0E6360U}, {
AXI_SPTDIVCR4, 0x0E0E6360U}, {
AXI_SPTDIVCR5, 0x0E0E6360U}, {
AXI_SPTDIVCR6, 0x0E0E6360U}, {
AXI_SPTDIVCR7, 0x0E0E6360U}, {
AXI_SPTDIVCR8, 0x0E0E6360U}, {
AXI_SPTDIVCR9, 0x0E0E6360U}, {
AXI_SPTDIVCR10, 0x0E0E6360U}, {
AXI_SPTDIVCR11, 0x0E0E6360U}, {
AXI_SPTDIVCR12, 0x0E0E6360U}, {
AXI_SPTDIVCR13, 0x0E0E6360U}, {
AXI_SPTDIVCR14, 0x0E0E6360U},
/* AXI sram protected area setting */
{
AXI_SPTCR0, 0x0E000E0EU}, {
AXI_SPTCR1, 0x0E000000U}, {
AXI_SPTCR2, 0x0E000000U}, {
AXI_SPTCR3, 0x0E000000U}, {
AXI_SPTCR4, 0x0E000000U}, {
AXI_SPTCR5, 0x0E000000U}, {
AXI_SPTCR6, 0x0E000000U}, {
AXI_SPTCR7, 0x0E000000U}, {
AXI_SPTCR8, 0x0E000000U}, {
AXI_SPTCR9, 0x0E000000U}, {
AXI_SPTCR10, 0x0E000000U}, {
AXI_SPTCR11, 0x0E000000U}, {
AXI_SPTCR12, 0x0E000000U}, {
AXI_SPTCR13, 0x0E000000U}, {
AXI_SPTCR14, 0x0E000000U}, {
AXI_SPTCR15, 0x0E000000U}
};
static void lifec_security_setting(void)
{
uint32_t i;
for (i = 0; i < ARRAY_SIZE(lifec); i++)
mmio_write_32(lifec[i].reg, lifec[i].val);
}
/* SRAM/DRAM protection setting */
static void axi_security_setting(void)
{
uint32_t i;
for (i = 0; i < ARRAY_SIZE(axi); i++)
mmio_write_32(axi[i].reg, axi[i].val);
}
void bl2_secure_setting(void)
{
const uint32_t delay = 10;
lifec_security_setting();
axi_security_setting();
rcar_micro_delay(delay);
return;
}