From 9427c745e3e9bd6a3ec26599a6a9a689fdf82002 Mon Sep 17 00:00:00 2001
From: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Date: Thu, 25 Oct 2018 22:20:24 +0530
Subject: [PATCH] plat/arm/sgi: add secure memory support for sgi575 and
 sgiclarka

Remove the platform common plat_arm_security_setup function to allow
platform specific implementations of the security setup function
implemented in the board directory of the platform.

For use by secure software, configure region0 of DMC-620 trustzone
controller to protect the upper 16MB of memory of the first DRAM block
from non-secure accesses.

Change-Id: I9a8c19656702c4fa4f6917b3655b692d443bb568
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
---
 plat/arm/board/sgi575/include/platform_def.h  |  7 +++-
 plat/arm/board/sgi575/platform.mk             |  4 +-
 plat/arm/board/sgi575/sgi575_security.c       | 39 +++++++++++++++++++
 .../board/sgiclarka/include/platform_def.h    |  7 +++-
 plat/arm/board/sgiclarka/platform.mk          |  4 +-
 plat/arm/board/sgiclarka/sgiclarka_security.c | 39 +++++++++++++++++++
 plat/arm/css/sgi/sgi-common.mk                |  3 +-
 plat/arm/css/sgi/sgi_security.c               | 15 -------
 8 files changed, 97 insertions(+), 21 deletions(-)
 create mode 100644 plat/arm/board/sgi575/sgi575_security.c
 create mode 100644 plat/arm/board/sgiclarka/sgiclarka_security.c
 delete mode 100644 plat/arm/css/sgi/sgi_security.c

diff --git a/plat/arm/board/sgi575/include/platform_def.h b/plat/arm/board/sgi575/include/platform_def.h
index 1870fc78a..c06a0a1fa 100644
--- a/plat/arm/board/sgi575/include/platform_def.h
+++ b/plat/arm/board/sgi575/include/platform_def.h
@@ -8,11 +8,16 @@
 #define PLATFORM_DEF_H
 
 #include <sgi_base_platform_def.h>
+#include <utils_def.h>
 
 #define PLAT_ARM_CLUSTER_COUNT		2
 #define CSS_SGI_MAX_CPUS_PER_CLUSTER	4
 #define CSS_SGI_MAX_PE_PER_CPU		1
 
-#define PLAT_CSS_MHU_BASE		0x45000000
+#define PLAT_CSS_MHU_BASE		UL(0x45000000)
+
+/* Base address of DMC-620 instances */
+#define SGI575_DMC620_BASE0		UL(0x4e000000)
+#define SGI575_DMC620_BASE1		UL(0x4e100000)
 
 #endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/sgi575/platform.mk b/plat/arm/board/sgi575/platform.mk
index 8df8b1292..dd82d2975 100644
--- a/plat/arm/board/sgi575/platform.mk
+++ b/plat/arm/board/sgi575/platform.mk
@@ -14,7 +14,9 @@ SGI_CPU_SOURCES		:=	lib/cpus/aarch64/cortex_a75.S
 
 BL1_SOURCES		+=	${SGI_CPU_SOURCES}
 
-BL2_SOURCES		+=	lib/utils/mem_region.c			\
+BL2_SOURCES		+=	${SGI575_BASE}/sgi575_security.c	\
+				drivers/arm/tzc/tzc_dmc620.c		\
+				lib/utils/mem_region.c			\
 				plat/arm/common/arm_nor_psci_mem_protect.c
 
 BL31_SOURCES		+=	${SGI_CPU_SOURCES}			\
diff --git a/plat/arm/board/sgi575/sgi575_security.c b/plat/arm/board/sgi575/sgi575_security.c
new file mode 100644
index 000000000..7ccc59a7b
--- /dev/null
+++ b/plat/arm/board/sgi575/sgi575_security.c
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <debug.h>
+#include <platform_def.h>
+#include <tzc_dmc620.h>
+
+uintptr_t sgi575_dmc_base[] = {
+	SGI575_DMC620_BASE0,
+	SGI575_DMC620_BASE1
+};
+
+static const tzc_dmc620_driver_data_t sgi575_plat_driver_data = {
+	.dmc_base = sgi575_dmc_base,
+	.dmc_count = ARRAY_SIZE(sgi575_dmc_base)
+};
+
+static const tzc_dmc620_acc_addr_data_t sgi575_acc_addr_data[] = {
+	{
+		.region_base = ARM_AP_TZC_DRAM1_BASE,
+		.region_top = ARM_AP_TZC_DRAM1_BASE + ARM_TZC_DRAM1_SIZE - 1,
+		.sec_attr = TZC_DMC620_REGION_S_RDWR
+	}
+};
+
+static const tzc_dmc620_config_data_t sgi575_plat_config_data = {
+	.plat_drv_data = &sgi575_plat_driver_data,
+	.plat_acc_addr_data = sgi575_acc_addr_data,
+	.acc_addr_count = ARRAY_SIZE(sgi575_acc_addr_data)
+};
+
+/* Initialize the secure environment */
+void plat_arm_security_setup(void)
+{
+	arm_tzc_dmc620_setup(&sgi575_plat_config_data);
+}
diff --git a/plat/arm/board/sgiclarka/include/platform_def.h b/plat/arm/board/sgiclarka/include/platform_def.h
index abc48d84c..ba6d0434b 100644
--- a/plat/arm/board/sgiclarka/include/platform_def.h
+++ b/plat/arm/board/sgiclarka/include/platform_def.h
@@ -8,11 +8,16 @@
 #define PLATFORM_DEF_H
 
 #include <sgi_base_platform_def.h>
+#include <utils_def.h>
 
 #define PLAT_ARM_CLUSTER_COUNT		2
 #define CSS_SGI_MAX_CPUS_PER_CLUSTER	4
 #define CSS_SGI_MAX_PE_PER_CPU		1
 
-#define PLAT_CSS_MHU_BASE		0x45400000
+#define PLAT_CSS_MHU_BASE		UL(0x45400000)
+
+/* Base address of DMC-620 instances */
+#define SGICLARKA_DMC620_BASE0		UL(0x4e000000)
+#define SGICLARKA_DMC620_BASE1		UL(0x4e100000)
 
 #endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/sgiclarka/platform.mk b/plat/arm/board/sgiclarka/platform.mk
index fc2f76670..cf02219fb 100644
--- a/plat/arm/board/sgiclarka/platform.mk
+++ b/plat/arm/board/sgiclarka/platform.mk
@@ -14,7 +14,9 @@ SGI_CPU_SOURCES		:=	lib/cpus/aarch64/cortex_ares.S
 
 BL1_SOURCES		+=	${SGI_CPU_SOURCES}
 
-BL2_SOURCES		+=	lib/utils/mem_region.c			\
+BL2_SOURCES		+=	${SGICLARKA_BASE}/sgiclarka_security.c	\
+				drivers/arm/tzc/tzc_dmc620.c		\
+				lib/utils/mem_region.c			\
 				plat/arm/common/arm_nor_psci_mem_protect.c
 
 BL31_SOURCES		+=	${SGI_CPU_SOURCES}			\
diff --git a/plat/arm/board/sgiclarka/sgiclarka_security.c b/plat/arm/board/sgiclarka/sgiclarka_security.c
new file mode 100644
index 000000000..29cd75474
--- /dev/null
+++ b/plat/arm/board/sgiclarka/sgiclarka_security.c
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <debug.h>
+#include <platform_def.h>
+#include <tzc_dmc620.h>
+
+uintptr_t sgiclarka_dmc_base[] = {
+	SGICLARKA_DMC620_BASE0,
+	SGICLARKA_DMC620_BASE1
+};
+
+static const tzc_dmc620_driver_data_t sgiclarka_plat_driver_data = {
+	.dmc_base = sgiclarka_dmc_base,
+	.dmc_count = ARRAY_SIZE(sgiclarka_dmc_base)
+};
+
+static const tzc_dmc620_acc_addr_data_t sgiclarka_acc_addr_data[] = {
+	{
+		.region_base = ARM_AP_TZC_DRAM1_BASE,
+		.region_top = ARM_AP_TZC_DRAM1_BASE + ARM_TZC_DRAM1_SIZE - 1,
+		.sec_attr = TZC_DMC620_REGION_S_RDWR
+	}
+};
+
+static const tzc_dmc620_config_data_t sgiclarka_plat_config_data = {
+	.plat_drv_data = &sgiclarka_plat_driver_data,
+	.plat_acc_addr_data = sgiclarka_acc_addr_data,
+	.acc_addr_count = ARRAY_SIZE(sgiclarka_acc_addr_data)
+};
+
+/* Initialize the secure environment */
+void plat_arm_security_setup(void)
+{
+	arm_tzc_dmc620_setup(&sgiclarka_plat_config_data);
+}
diff --git a/plat/arm/css/sgi/sgi-common.mk b/plat/arm/css/sgi/sgi-common.mk
index d6e5448de..46fa7c4d7 100644
--- a/plat/arm/css/sgi/sgi-common.mk
+++ b/plat/arm/css/sgi/sgi-common.mk
@@ -35,8 +35,7 @@ PLAT_BL_COMMON_SOURCES	+=	${CSS_ENT_BASE}/sgi_plat.c	\
 
 BL1_SOURCES		+=	${INTERCONNECT_SOURCES}
 
-BL2_SOURCES		+=	${CSS_ENT_BASE}/sgi_security.c		\
-				${CSS_ENT_BASE}/sgi_image_load.c
+BL2_SOURCES		+=	${CSS_ENT_BASE}/sgi_image_load.c
 
 BL31_SOURCES		+=	${INTERCONNECT_SOURCES}			\
 				${ENT_GIC_SOURCES}			\
diff --git a/plat/arm/css/sgi/sgi_security.c b/plat/arm/css/sgi/sgi_security.c
deleted file mode 100644
index 23e1a64e5..000000000
--- a/plat/arm/css/sgi/sgi_security.c
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arm_config.h>
-#include <plat_arm.h>
-
-/*
- * We assume that all security programming is done by the primary core.
- */
-void plat_arm_security_setup(void)
-{
-}