From 96318f828f5def96251747b33747d01d82e4e5d3 Mon Sep 17 00:00:00 2001 From: Suyash Pathak Date: Thu, 6 Feb 2020 11:51:54 +0530 Subject: [PATCH 1/4] plat/arm: allow boards to define PLAT_ARM_TZC_FILTERS A TZC400 can have upto 4 filters and the number of filters instantiated within a TZC400 is platform dependent. So allow platforms to define the value of PLAT_ARM_TZC_FILTERS by moving the existing Juno specific definition of PLAT_ARM_TZC_FILTERS to Juno board definitions. Change-Id: I67a63d7336595bbfdce3163f9a9473e15e266f40 Signed-off-by: Suyash Pathak --- include/plat/arm/css/common/css_def.h | 3 --- plat/arm/board/juno/include/platform_def.h | 3 +++ 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/plat/arm/css/common/css_def.h b/include/plat/arm/css/common/css_def.h index 7b6148445..d59935266 100644 --- a/include/plat/arm/css/common/css_def.h +++ b/include/plat/arm/css/common/css_def.h @@ -189,9 +189,6 @@ /* Load address of Non-Secure Image for CSS platform ports */ #define PLAT_ARM_NS_IMAGE_BASE U(0xE0000000) -/* TZC related constants */ -#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT_ALL - /* * Parsing of CPU and Cluster states, as returned by 'Get CSS Power State' SCP * command diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h index eddd7e570..56e7b566d 100644 --- a/plat/arm/board/juno/include/platform_def.h +++ b/plat/arm/board/juno/include/platform_def.h @@ -212,6 +212,9 @@ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) | \ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT)) +/* TZC related constants */ +#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT_ALL + /* * Required ARM CSS based platform porting definitions */ From 86f297a3e1549624716ccf678f7f80d0141e5834 Mon Sep 17 00:00:00 2001 From: Suyash Pathak Date: Wed, 12 Feb 2020 10:36:20 +0530 Subject: [PATCH 2/4] plat/arm: allow boards to specify second DRAM Base address The base address for second DRAM varies across different platforms. So allow platforms to define second DRAM by moving Juno/SGM-775 specific definition of second DRAM base address to Juno/SGM-775 board definition respectively, SGI/RD specific definition of DRAM 2 base address to SGI board definition. Change-Id: I0ecd3a2bd600b6c7019c7f06f8c452952bd07cae Signed-off-by: Suyash Pathak --- include/plat/arm/board/common/board_css_def.h | 9 +-------- plat/arm/board/juno/include/platform_def.h | 3 +++ plat/arm/board/sgm775/include/platform_def.h | 5 ++++- plat/arm/css/sgi/include/sgi_base_platform_def.h | 3 +++ 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/include/plat/arm/board/common/board_css_def.h b/include/plat/arm/board/common/board_css_def.h index 4637b6785..b79e0d572 100644 --- a/include/plat/arm/board/common/board_css_def.h +++ b/include/plat/arm/board/common/board_css_def.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -50,13 +50,6 @@ #define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE #define PLAT_ARM_NVM_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE) -/* - * Required platform porting definitions common to all ARM CSS-based - * development platforms - */ -#define PLAT_ARM_DRAM2_BASE ULL(0x880000000) -#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000) - /* UART related constants */ #define PLAT_ARM_BOOT_UART_BASE SOC_CSS_UART0_BASE #define PLAT_ARM_BOOT_UART_CLK_IN_HZ SOC_CSS_UART0_CLK_IN_HZ diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h index 56e7b566d..cfac80182 100644 --- a/plat/arm/board/juno/include/platform_def.h +++ b/plat/arm/board/juno/include/platform_def.h @@ -50,6 +50,9 @@ #define NSRAM_BASE UL(0x2e000000) #define NSRAM_SIZE UL(0x00008000) /* 32KB */ +#define PLAT_ARM_DRAM2_BASE ULL(0x880000000) +#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000) + /* virtual address used by dynamic mem_protect for chunk_base */ #define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000) diff --git a/plat/arm/board/sgm775/include/platform_def.h b/plat/arm/board/sgm775/include/platform_def.h index d165ff9ed..e83cd5764 100644 --- a/plat/arm/board/sgm775/include/platform_def.h +++ b/plat/arm/board/sgm775/include/platform_def.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -12,6 +12,9 @@ #define PLAT_MAX_CPUS_PER_CLUSTER U(8) #define PLAT_MAX_PE_PER_CPU U(1) +#define PLAT_ARM_DRAM2_BASE ULL(0x880000000) +#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000) + /* * Physical and virtual address space limits for MMU in AARCH64 & AARCH32 modes */ diff --git a/plat/arm/css/sgi/include/sgi_base_platform_def.h b/plat/arm/css/sgi/include/sgi_base_platform_def.h index 4986378e9..9a482d0c0 100644 --- a/plat/arm/css/sgi/include/sgi_base_platform_def.h +++ b/plat/arm/css/sgi/include/sgi_base_platform_def.h @@ -123,6 +123,9 @@ #define PLAT_ARM_NSRAM_BASE 0x06000000 #define PLAT_ARM_NSRAM_SIZE 0x00080000 /* 512KB */ +#define PLAT_ARM_DRAM2_BASE ULL(0x8080000000) +#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000) + #define PLAT_ARM_G1S_IRQ_PROPS(grp) CSS_G1S_IRQ_PROPS(grp) #define PLAT_ARM_G0_IRQ_PROPS(grp) ARM_G0_IRQ_PROPS(grp) From 4ed16765187158eab9587d0b1eea13a82aed040f Mon Sep 17 00:00:00 2001 From: Suyash Pathak Date: Tue, 4 Feb 2020 13:55:20 +0530 Subject: [PATCH 3/4] plat/arm/tzc: add support to configure multiple tzc400 For platforms that have two or more TZC400 controllers instantiated, allow the TZC400 driver to be usable with all those instances. This is achieved by allowing 'arm_tzc400_setup' function to accept the base address of the TZC400 controller. Change-Id: I4add470e6ddb58432cd066145e644112400ab924 Signed-off-by: Suyash Pathak --- include/plat/arm/common/plat_arm.h | 3 ++- plat/arm/board/fvp/fvp_security.c | 4 ++-- plat/arm/board/juno/juno_security.c | 6 +++--- plat/arm/common/arm_tzc400.c | 9 +++++---- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/include/plat/arm/common/plat_arm.h b/include/plat/arm/common/plat_arm.h index 025a64fa2..ac70e7560 100644 --- a/include/plat/arm/common/plat_arm.h +++ b/include/plat/arm/common/plat_arm.h @@ -152,7 +152,8 @@ void arm_setup_romlib(void); int arm_io_setup(void); /* Security utility functions */ -void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions); +void arm_tzc400_setup(uintptr_t tzc_base, + const arm_tzc_regions_info_t *tzc_regions); struct tzc_dmc500_driver_data; void arm_tzc_dmc500_setup(struct tzc_dmc500_driver_data *plat_driver_data, const arm_tzc_regions_info_t *tzc_regions); diff --git a/plat/arm/board/fvp/fvp_security.c b/plat/arm/board/fvp/fvp_security.c index 80ec2171b..937f09f6e 100644 --- a/plat/arm/board/fvp/fvp_security.c +++ b/plat/arm/board/fvp/fvp_security.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -22,5 +22,5 @@ void plat_arm_security_setup(void) */ if ((get_arm_config()->flags & ARM_CONFIG_HAS_TZC) != 0U) - arm_tzc400_setup(NULL); + arm_tzc400_setup(PLAT_ARM_TZC_BASE, NULL); } diff --git a/plat/arm/board/juno/juno_security.c b/plat/arm/board/juno/juno_security.c index 32823e01c..1e64c029d 100644 --- a/plat/arm/board/juno/juno_security.c +++ b/plat/arm/board/juno/juno_security.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -127,13 +127,13 @@ void plat_arm_security_setup(void) init_debug_cfg(); /* Initialize the TrustZone Controller */ #ifdef JUNO_TZMP1 - arm_tzc400_setup(juno_tzmp1_tzc_regions); + arm_tzc400_setup(PLAT_ARM_TZC_BASE, juno_tzmp1_tzc_regions); INFO("TZC protected shared memory base address for TZMP usecase: %p\n", (void *)JUNO_AP_TZC_SHARE_DRAM1_BASE); INFO("TZC protected shared memory end address for TZMP usecase: %p\n", (void *)JUNO_AP_TZC_SHARE_DRAM1_END); #else - arm_tzc400_setup(NULL); + arm_tzc400_setup(PLAT_ARM_TZC_BASE, NULL); #endif /* Do ARM CSS internal NIC setup */ css_init_nic400(); diff --git a/plat/arm/common/arm_tzc400.c b/plat/arm/common/arm_tzc400.c index 34e650f19..370ef0a86 100644 --- a/plat/arm/common/arm_tzc400.c +++ b/plat/arm/common/arm_tzc400.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -19,7 +19,8 @@ * When booting an EL3 payload, this is simplified: we configure region 0 with * secure access only and do not enable any other region. ******************************************************************************/ -void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions) +void arm_tzc400_setup(uintptr_t tzc_base, + const arm_tzc_regions_info_t *tzc_regions) { #ifndef EL3_PAYLOAD_BASE unsigned int region_index = 1U; @@ -32,7 +33,7 @@ void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions) INFO("Configuring TrustZone Controller\n"); - tzc400_init(PLAT_ARM_TZC_BASE); + tzc400_init(tzc_base); /* Disable filters. */ tzc400_disable_filters(); @@ -74,5 +75,5 @@ void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions) void plat_arm_security_setup(void) { - arm_tzc400_setup(NULL); + arm_tzc400_setup(PLAT_ARM_TZC_BASE, NULL); } From 4bbb3a541647cf8729c1ffd7792e8eb6d0669830 Mon Sep 17 00:00:00 2001 From: Suyash Pathak Date: Wed, 12 Feb 2020 10:08:55 +0530 Subject: [PATCH 4/4] board/rddaniel: intialize tzc400 controllers A TZC400 controller is placed inline on DRAM channels and regulates the secure and non-secure accesses to both secure and non-secure regions of the DRAM memory. Configure each of the TZC controllers accordingly. Change-Id: I75f6d13591a7fe9e50ce15c793e35a8018041815 Signed-off-by: Suyash Pathak --- plat/arm/board/rddaniel/include/platform_def.h | 15 +++++++++++++++ plat/arm/board/rddaniel/platform.mk | 2 ++ plat/arm/board/rddaniel/rddaniel_security.c | 10 ++++++++++ 3 files changed, 27 insertions(+) diff --git a/plat/arm/board/rddaniel/include/platform_def.h b/plat/arm/board/rddaniel/include/platform_def.h index 516360278..790ed696b 100644 --- a/plat/arm/board/rddaniel/include/platform_def.h +++ b/plat/arm/board/rddaniel/include/platform_def.h @@ -21,6 +21,21 @@ #define CSS_SYSTEM_PWR_DMN_LVL ARM_PWR_LVL2 #define PLAT_MAX_PWR_LVL ARM_PWR_LVL1 +/* TZC Related Constants */ +#define PLAT_ARM_TZC_BASE UL(0x21830000) +#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT(0) + +#define TZC400_OFFSET UL(0x1000000) +#define TZC400_COUNT 4 + +#define TZC400_BASE(n) (PLAT_ARM_TZC_BASE + \ + (n * TZC400_OFFSET)) + +#define TZC_NSAID_ALL_AP U(0) + +#define PLAT_ARM_TZC_NS_DEV_ACCESS \ + (TZC_REGION_ACCESS_RDWR(TZC_NSAID_ALL_AP)) + /* * Physical and virtual address space limits for MMU in AARCH64 & AARCH32 modes */ diff --git a/plat/arm/board/rddaniel/platform.mk b/plat/arm/board/rddaniel/platform.mk index c7e3c7dd8..ca2647418 100644 --- a/plat/arm/board/rddaniel/platform.mk +++ b/plat/arm/board/rddaniel/platform.mk @@ -18,6 +18,8 @@ BL2_SOURCES += ${RDDANIEL_BASE}/rddaniel_plat.c \ ${RDDANIEL_BASE}/rddaniel_security.c \ ${RDDANIEL_BASE}/rddaniel_err.c \ lib/utils/mem_region.c \ + drivers/arm/tzc/tzc400.c \ + plat/arm/common/arm_tzc400.c \ plat/arm/common/arm_nor_psci_mem_protect.c BL31_SOURCES += ${SGI_CPU_SOURCES} \ diff --git a/plat/arm/board/rddaniel/rddaniel_security.c b/plat/arm/board/rddaniel/rddaniel_security.c index 6aa38c822..1247db860 100644 --- a/plat/arm/board/rddaniel/rddaniel_security.c +++ b/plat/arm/board/rddaniel/rddaniel_security.c @@ -4,9 +4,19 @@ * SPDX-License-Identifier: BSD-3-Clause */ +#include #include +static const arm_tzc_regions_info_t tzc_regions[] = { + ARM_TZC_REGIONS_DEF, + {} +}; + /* Initialize the secure environment */ void plat_arm_security_setup(void) { + int i; + + for (i = 0; i < TZC400_COUNT; i++) + arm_tzc400_setup(TZC400_BASE(i), tzc_regions); }