plat/arm/sgi: add secure memory support for sgi575 and sgiclarka

Remove the platform common plat_arm_security_setup function to allow
platform specific implementations of the security setup function
implemented in the board directory of the platform.

For use by secure software, configure region0 of DMC-620 trustzone
controller to protect the upper 16MB of memory of the first DRAM block
from non-secure accesses.

Change-Id: I9a8c19656702c4fa4f6917b3655b692d443bb568
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>

plat/arm/board/sgi575/include/platform_def.h

@@ -8,11 +8,16 @@
 #define PLATFORM_DEF_H
 
 #include <sgi_base_platform_def.h>
+#include <utils_def.h>
 
 #define PLAT_ARM_CLUSTER_COUNT		2
 #define CSS_SGI_MAX_CPUS_PER_CLUSTER	4
 #define CSS_SGI_MAX_PE_PER_CPU		1
 
-#define PLAT_CSS_MHU_BASE		0x45000000
+#define PLAT_CSS_MHU_BASE		UL(0x45000000)
+
+/* Base address of DMC-620 instances */
+#define SGI575_DMC620_BASE0		UL(0x4e000000)
+#define SGI575_DMC620_BASE1		UL(0x4e100000)
 
 #endif /* PLATFORM_DEF_H */

plat/arm/board/sgi575/platform.mk

@@ -14,7 +14,9 @@ SGI_CPU_SOURCES		:=	lib/cpus/aarch64/cortex_a75.S
 
 BL1_SOURCES		+=	${SGI_CPU_SOURCES}
 
-BL2_SOURCES		+=	lib/utils/mem_region.c			\
+BL2_SOURCES		+=	${SGI575_BASE}/sgi575_security.c	\
+				drivers/arm/tzc/tzc_dmc620.c		\
+				lib/utils/mem_region.c			\
 				plat/arm/common/arm_nor_psci_mem_protect.c
 
 BL31_SOURCES		+=	${SGI_CPU_SOURCES}			\

plat/arm/board/sgi575/sgi575_security.c

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <debug.h>
+#include <platform_def.h>
+#include <tzc_dmc620.h>
+
+uintptr_t sgi575_dmc_base[] = {
+	SGI575_DMC620_BASE0,
+	SGI575_DMC620_BASE1
+};
+
+static const tzc_dmc620_driver_data_t sgi575_plat_driver_data = {
+	.dmc_base = sgi575_dmc_base,
+	.dmc_count = ARRAY_SIZE(sgi575_dmc_base)
+};
+
+static const tzc_dmc620_acc_addr_data_t sgi575_acc_addr_data[] = {
+	{
+		.region_base = ARM_AP_TZC_DRAM1_BASE,
+		.region_top = ARM_AP_TZC_DRAM1_BASE + ARM_TZC_DRAM1_SIZE - 1,
+		.sec_attr = TZC_DMC620_REGION_S_RDWR
+	}
+};
+
+static const tzc_dmc620_config_data_t sgi575_plat_config_data = {
+	.plat_drv_data = &sgi575_plat_driver_data,
+	.plat_acc_addr_data = sgi575_acc_addr_data,
+	.acc_addr_count = ARRAY_SIZE(sgi575_acc_addr_data)
+};
+
+/* Initialize the secure environment */
+void plat_arm_security_setup(void)
+{
+	arm_tzc_dmc620_setup(&sgi575_plat_config_data);
+}

plat/arm/board/sgiclarka/include/platform_def.h

@@ -8,11 +8,16 @@
 #define PLATFORM_DEF_H
 
 #include <sgi_base_platform_def.h>
+#include <utils_def.h>
 
 #define PLAT_ARM_CLUSTER_COUNT		2
 #define CSS_SGI_MAX_CPUS_PER_CLUSTER	4
 #define CSS_SGI_MAX_PE_PER_CPU		1
 
-#define PLAT_CSS_MHU_BASE		0x45400000
+#define PLAT_CSS_MHU_BASE		UL(0x45400000)
+
+/* Base address of DMC-620 instances */
+#define SGICLARKA_DMC620_BASE0		UL(0x4e000000)
+#define SGICLARKA_DMC620_BASE1		UL(0x4e100000)
 
 #endif /* PLATFORM_DEF_H */

plat/arm/board/sgiclarka/platform.mk

@@ -14,7 +14,9 @@ SGI_CPU_SOURCES		:=	lib/cpus/aarch64/cortex_ares.S
 
 BL1_SOURCES		+=	${SGI_CPU_SOURCES}
 
-BL2_SOURCES		+=	lib/utils/mem_region.c			\
+BL2_SOURCES		+=	${SGICLARKA_BASE}/sgiclarka_security.c	\
+				drivers/arm/tzc/tzc_dmc620.c		\
+				lib/utils/mem_region.c			\
 				plat/arm/common/arm_nor_psci_mem_protect.c
 
 BL31_SOURCES		+=	${SGI_CPU_SOURCES}			\

plat/arm/board/sgiclarka/sgiclarka_security.c

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <debug.h>
+#include <platform_def.h>
+#include <tzc_dmc620.h>
+
+uintptr_t sgiclarka_dmc_base[] = {
+	SGICLARKA_DMC620_BASE0,
+	SGICLARKA_DMC620_BASE1
+};
+
+static const tzc_dmc620_driver_data_t sgiclarka_plat_driver_data = {
+	.dmc_base = sgiclarka_dmc_base,
+	.dmc_count = ARRAY_SIZE(sgiclarka_dmc_base)
+};
+
+static const tzc_dmc620_acc_addr_data_t sgiclarka_acc_addr_data[] = {
+	{
+		.region_base = ARM_AP_TZC_DRAM1_BASE,
+		.region_top = ARM_AP_TZC_DRAM1_BASE + ARM_TZC_DRAM1_SIZE - 1,
+		.sec_attr = TZC_DMC620_REGION_S_RDWR
+	}
+};
+
+static const tzc_dmc620_config_data_t sgiclarka_plat_config_data = {
+	.plat_drv_data = &sgiclarka_plat_driver_data,
+	.plat_acc_addr_data = sgiclarka_acc_addr_data,
+	.acc_addr_count = ARRAY_SIZE(sgiclarka_acc_addr_data)
+};
+
+/* Initialize the secure environment */
+void plat_arm_security_setup(void)
+{
+	arm_tzc_dmc620_setup(&sgiclarka_plat_config_data);
+}

plat/arm/css/sgi/sgi-common.mk

@@ -35,8 +35,7 @@ PLAT_BL_COMMON_SOURCES	+=	${CSS_ENT_BASE}/sgi_plat.c	\
 
 BL1_SOURCES		+=	${INTERCONNECT_SOURCES}
 
-BL2_SOURCES		+=	${CSS_ENT_BASE}/sgi_security.c		\
-				${CSS_ENT_BASE}/sgi_image_load.c
+BL2_SOURCES		+=	${CSS_ENT_BASE}/sgi_image_load.c
 
 BL31_SOURCES		+=	${INTERCONNECT_SOURCES}			\
 				${ENT_GIC_SOURCES}			\

plat/arm/css/sgi/sgi_security.c

@@ -1,15 +0,0 @@
-/*
- * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arm_config.h>
-#include <plat_arm.h>
-
-/*
- * We assume that all security programming is done by the primary core.
- */
-void plat_arm_security_setup(void)
-{
-}