From ef538c6f1b097d0a115e89aa89fb040d98e6594e Mon Sep 17 00:00:00 2001 From: Juan Castillo Date: Thu, 4 Sep 2014 14:43:09 +0100 Subject: [PATCH 1/2] Juno: Use TZC-400 driver calls This patch replaces direct accesses to the TZC-400 registers by the appropiate calls to the generic driver available in the Trusted Firmware in order to initialize the TrustZone Controller. Functions related to the initialization of the secure memory, like the TZC-400 configuration, have been moved to a new file 'plat_security.c'. This reorganization makes easier to set up the secure memory from any BL stage. TZC-400 initialization has been moved from BL1 to BL2 because BL1 does not access the non-secure memory. It is BL2's responsibility to enable and configure the TZC-400 before loading the next BL images. In Juno, BL3-0 initializes some of the platform peripherals, like the DDR controller. Thus, BL3-0 must be loaded before configuring the TrustZone Controller. As a consequence, the IO layer initialization has been moved to early platform initialization. Fixes ARM-software/tf-issues#234 Change-Id: I83dde778f937ac8d2996f7377e871a2e77d9490e --- bl2/bl2_main.c | 6 +-- plat/juno/bl1_plat_setup.c | 32 ---------------- plat/juno/bl2_plat_setup.c | 7 +++- plat/juno/juno_private.h | 3 ++ plat/juno/plat_security.c | 76 ++++++++++++++++++++++++++++++++++++++ plat/juno/platform.mk | 4 +- 6 files changed, 90 insertions(+), 38 deletions(-) create mode 100644 plat/juno/plat_security.c diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c index 51c55e01c..a73946ed9 100644 --- a/bl2/bl2_main.c +++ b/bl2/bl2_main.c @@ -199,9 +199,6 @@ void bl2_main(void) /* Perform remaining generic architectural setup in S-EL1 */ bl2_arch_setup(); - /* Perform platform setup in BL2 */ - bl2_platform_setup(); - /* * Load the subsequent bootloader images */ 
@@ -211,6 +208,9 @@ void bl2_main(void) panic(); } + /* Perform platform setup in BL2 after loading BL3-0 */ + bl2_platform_setup(); + /* * Get a pointer to the memory the platform has set aside to pass * information to BL3-1. diff --git a/plat/juno/bl1_plat_setup.c b/plat/juno/bl1_plat_setup.c index 5804682c4..e27e39489 100644 --- a/plat/juno/bl1_plat_setup.c +++ b/plat/juno/bl1_plat_setup.c @@ -37,7 +37,6 @@ #include #include #include -#include #include "../../bl1/bl1_private.h" #include "juno_def.h" #include "juno_private.h" @@ -150,36 +149,6 @@ static void init_nic400(void) } -static void init_tzc400(void) -{ - /* Enable all filter units available */ - mmio_write_32(TZC400_BASE + GATE_KEEPER_OFF, 0x0000000f); - - /* - * Secure read and write are enabled for region 0, and the background - * region (region 0) is enabled for all four filter units - */ - mmio_write_32(TZC400_BASE + REGION_ATTRIBUTES_OFF, 0xc0000000); - - /* - * Enable Non-secure read/write accesses for the Soc Devices from the - * Non-Secure World - */ - mmio_write_32(TZC400_BASE + REGION_ID_ACCESS_OFF, - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CCI400) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_PCIE) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD0) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD1) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_USB) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_DMA330) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_THINLINKS) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_AP) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_SCP) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT) - ); -} - #define PCIE_SECURE_REG 0x3000 #define PCIE_SEC_ACCESS_MASK ((1 << 0) | (1 << 1)) /* REG and MEM access bits */ @@ -200,7 +169,6 @@ static void init_pcie(void) void bl1_platform_setup(void) { init_nic400(); - init_tzc400(); init_pcie(); /* Initialise the IO layer and register platform IO devices */ 
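Review bot: The new comment in `bl2_main()` says when `bl2_platform_setup()` runs but not why, and this is generic code, so the reordering applies to every platform, not only Juno. I would spell out the dependency, for example `/* Platform setup runs after BL3-0 is loaded because BL3-0 may initialise hardware (e.g. the DDR controller) that the platform security setup depends on */`. Any port whose `bl2_platform_setup()` initialises the IO layer would presumably need the same move to early setup that Juno gets in this patch; other ports are not visible here. Since BL1 no longer programs the TZC-400, the BL3-0 load now appears to happen before any TrustZone Controller configuration, which is worth stating in the porting documentation. The body of `bl2_main()` continues outside this hunk.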
diff --git a/plat/juno/bl2_plat_setup.c b/plat/juno/bl2_plat_setup.c index 717cfbb2f..ba4c5be1e 100644 --- a/plat/juno/bl2_plat_setup.c +++ b/plat/juno/bl2_plat_setup.c @@ -162,6 +162,9 @@ void bl2_early_platform_setup(meminfo_t *mem_layout) /* Setup the BL2 memory layout */ bl2_tzram_layout = *mem_layout; + + /* Initialise the IO layer and register platform IO devices */ + io_setup(); } /******************************************************************************* @@ -171,8 +174,8 @@ void bl2_early_platform_setup(meminfo_t *mem_layout) ******************************************************************************/ void bl2_platform_setup(void) { - /* Initialise the IO layer and register platform IO devices */ - io_setup(); + /* Initialize the secure environment */ + plat_security_setup(); } /* Flush the TF params and the TF plat params */ diff --git a/plat/juno/juno_private.h b/plat/juno/juno_private.h index 0dac03a9d..bb2548f17 100644 --- a/plat/juno/juno_private.h +++ b/plat/juno/juno_private.h @@ -108,6 +108,9 @@ int plat_get_image_source(const char *image_name, uintptr_t *dev_handle, uintptr_t *image_spec); +/* Declarations for security.c */ +void plat_security_setup(void); + /* * Before calling this function BL2 is loaded in memory and its entrypoint * is set by load_image. This is a placeholder for the platform to change diff --git a/plat/juno/plat_security.c b/plat/juno/plat_security.c new file mode 100644 index 000000000..851a39e8e --- /dev/null +++ b/plat/juno/plat_security.c 
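Review bot: The comment added in `juno_private.h` names `security.c`, but the file this patch creates is `plat/juno/plat_security.c`. `/* Declarations for plat_security.c */` would match the file name and stay searchable.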
@@ -0,0 +1,76 @@ +/* + * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of ARM nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific + * prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include +#include "juno_def.h" + +/******************************************************************************* + * Initialize the TrustZone Controller. 
Configure Region 0 with Secure RW access + * and allow Non-Secure masters full access + ******************************************************************************/ +static void init_tzc400(void) +{ + tzc_init(TZC400_BASE); + + /* Disable filters. */ + tzc_disable_filters(); + + /* Configure region 0. Juno TZC-400 handles 40-bit addresses. */ + tzc_configure_region(0xf, 0, 0x0ull, 0xffffffffffull, + TZC_REGION_S_RDWR, + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CCI400) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_PCIE) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD0) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD1) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_USB) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_DMA330) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_THINLINKS) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_AP) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_SCP) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT)); + + /* Raise an exception if a NS device tries to access secure memory */ + tzc_set_action(TZC_ACTION_ERR); + + /* Enable filters. */ + tzc_enable_filters(); +} + +/******************************************************************************* + * Initialize the secure environment. At this moment only the TrustZone + * Controller is initialized. + ******************************************************************************/ +void plat_security_setup(void) +{ + /* Initialize the TrustZone Controller */ + init_tzc400(); +} diff --git a/plat/juno/platform.mk b/plat/juno/platform.mk index 47465360d..2ac756eed 100644 --- a/plat/juno/platform.mk +++ b/plat/juno/platform.mk 
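Review bot: The comment above `tzc_set_action(TZC_ACTION_ERR)` in `init_tzc400()` promises an exception, but as far as I know this action only makes the TZC-400 return an error response to the offending master. A CPU would see that as an abort, whereas a DMA-capable master (GPU, PCIe, DMA-330) would just get a bus error and the secure world would not be notified. If violations should be detectable, consider `tzc_set_action(TZC_ACTION_ERR_INT);` together with a handler for the TZC interrupt. Otherwise reword the comment to `/* Return an error response when a NS master accesses secure memory; no interrupt is raised */`. Separately, the literal `0xf` filter mask passed to `tzc_configure_region()` would read better as a named constant.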
@@ -47,10 +47,12 @@ BL1_SOURCES += drivers/arm/cci400/cci400.c \ plat/juno/aarch64/plat_helpers.S \ plat/juno/aarch64/juno_common.c -BL2_SOURCES += lib/locks/bakery/bakery_lock.c \ +BL2_SOURCES += drivers/arm/tzc400/tzc400.c \ + lib/locks/bakery/bakery_lock.c \ plat/common/aarch64/platform_up_stack.S \ plat/juno/bl2_plat_setup.c \ plat/juno/mhu.c \ + plat/juno/plat_security.c \ plat/juno/aarch64/plat_helpers.S \ plat/juno/aarch64/juno_common.c \ plat/juno/scp_bootloader.c \ From 740134e6dc78785e2c75532659a8c7971a124f64 Mon Sep 17 00:00:00 2001 From: Juan Castillo Date: Fri, 5 Sep 2014 17:29:38 +0100 Subject: [PATCH 2/2] Juno: Reserve some DDR-DRAM for secure use This patch configures the TrustZone Controller in Juno to split the 2GB DDR-DRAM memory at 0x80000000 into Secure and Non-Secure regions: - Secure DDR-DRAM: top 16 MB, except for the last 2 MB which are used by the SCP for DDR retraining - Non-Secure DDR-DRAM: remaining DRAM starting at base address Build option PLAT_TSP_LOCATION selects the location of the secure payload (BL3-2): - 'tsram' : Trusted SRAM (default option) - 'dram' : Secure region in the DDR-DRAM (set by the TrustZone controller) The MMU memory map has been updated to give BL2 permission to load BL3-2 into the DDR-DRAM secure region. Fixes ARM-software/tf-issues#233 Change-Id: I6843fc32ef90aadd3ea6ac4c7f314f8ecbd5d07b --- docs/firmware-design.md | 36 ++++++++++++++++++++++++++++++++ docs/user-guide.md | 6 ++++++ drivers/arm/tzc400/tzc400.c | 2 +- include/drivers/arm/tzc400.h | 9 +++++--- plat/juno/aarch64/juno_common.c | 12 ++++++++--- plat/juno/bl2_plat_setup.c | 8 +++---- plat/juno/include/platform_def.h | 28 ++++++++++++++++++++----- plat/juno/juno_def.h | 23 ++++++++++++++++++++ plat/juno/plat_security.c | 36 ++++++++++++++++++++++++++++---- plat/juno/platform.mk | 17 +++++++++++++++ 10 files changed, 157 insertions(+), 20 deletions(-) diff --git a/docs/firmware-design.md b/docs/firmware-design.md index e952617b0..7f068b4a9 100644 
--- a/docs/firmware-design.md +++ b/docs/firmware-design.md @@ -1306,6 +1306,8 @@ other boot loader images in Trusted SRAM. #### Memory layout on Juno ARM development platform +**TSP in Trusted SRAM (default option):** + Flash0 0x0C000000 +----------+ : : @@ -1329,6 +1331,40 @@ other boot loader images in Trusted SRAM. | MHU | 0x04000000 +----------+ +**TSP in the secure region of DRAM:** + + DRAM + 0xFFE00000 +----------+ + | BL3-2 | + 0xFF000000 |----------| + | | + : : + | | + 0x80000000 +----------+ + + Flash0 + 0x0C000000 +----------+ + : : + 0x0BED0000 |----------| + | BL1 (ro) | + 0x0BEC0000 |----------| + : : + | Bypass | + 0x08000000 +----------+ + + Trusted SRAM + 0x04040000 +----------+ + | BL2 | BL3-1 is loaded + 0x04033000 |----------| after BL3-0 has + | | been sent to SCP + 0x04023000 |----------| ------------------ + | BL3-0 | <<<<<<<<<<<<< | BL3-1 | + 0x04009000 |----------| ------------------ + | BL1 (rw) | + 0x04001000 |----------| + | MHU | + 0x04000000 +----------+ + The Message Handling Unit (MHU) page contains the entrypoint mailboxes and a shared memory area. This shared memory is used as a communication channel between the AP and the SCP. diff --git a/docs/user-guide.md b/docs/user-guide.md index d3a92f9b9..c58d7ced7 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -256,6 +256,12 @@ performed. For a better understanding of FVP options, the FVP memory map is explained in the [Firmware Design]. +#### Juno specific build options + +* `PLAT_TSP_LOCATION`: location of the TSP binary. Options: + - `tsram` : Trusted SRAM (default option) + - `dram` : Secure region in DRAM (set by the TrustZone controller) + ### Creating a Firmware Image Package FIPs are automatically created as part of the build instructions described in diff --git a/drivers/arm/tzc400/tzc400.c b/drivers/arm/tzc400/tzc400.c index 3ab1f3189..df52c9cf9 100644 --- a/drivers/arm/tzc400/tzc400.c +++ b/drivers/arm/tzc400/tzc400.c 
@@ -243,7 +243,7 @@ void tzc_configure_region(uint32_t filters, /* Assign the region to a filter and set secure attributes */ tzc_write_region_attributes(tzc.base, region, - (sec_attr << REGION_ATTRIBUTES_SEC_SHIFT) | filters); + (sec_attr << REG_ATTR_SEC_SHIFT) | filters); /* * Specify which non-secure devices have permission to access this diff --git a/include/drivers/arm/tzc400.h b/include/drivers/arm/tzc400.h index ff8b49ae9..d62e67bc3 100644 --- a/include/drivers/arm/tzc400.h +++ b/include/drivers/arm/tzc400.h @@ -126,9 +126,12 @@ #define FAIL_ID_ID_SHIFT 0 /* Used along with 'tzc_region_attributes_t' below */ -#define REGION_ATTRIBUTES_SEC_SHIFT 30 -#define REGION_ATTRIBUTES_F_EN_SHIFT 0 -#define REGION_ATTRIBUTES_F_EN_MASK 0xf +#define REG_ATTR_SEC_SHIFT 30 +#define REG_ATTR_F_EN_SHIFT 0 +#define REG_ATTR_F_EN_MASK 0xf +#define REG_ATTR_FILTER_BIT(x) ((1 << x) << REG_ATTR_F_EN_SHIFT) +#define REG_ATTR_FILTER_BIT_ALL (REG_ATTR_F_EN_MASK << \ + REG_ATTR_F_EN_SHIFT) #define REGION_ID_ACCESS_NSAID_WR_EN_SHIFT 16 #define REGION_ID_ACCESS_NSAID_RD_EN_SHIFT 0 diff --git a/plat/juno/aarch64/juno_common.c b/plat/juno/aarch64/juno_common.c index 401f5fec8..59bc7ed69 100644 --- a/plat/juno/aarch64/juno_common.c +++ b/plat/juno/aarch64/juno_common.c @@ -60,9 +60,14 @@ DEVICE1_SIZE, \ MT_DEVICE | MT_RW | MT_SECURE) -#define MAP_DRAM MAP_REGION_FLAT(DRAM_BASE, \ - DRAM_SIZE, \ +#define MAP_NS_DRAM MAP_REGION_FLAT(DRAM_NS_BASE, \ + DRAM_NS_SIZE, \ MT_MEMORY | MT_RW | MT_NS) + +#define MAP_TSP_MEM MAP_REGION_FLAT(TSP_SEC_MEM_BASE, \ + TSP_SEC_MEM_SIZE, \ + MT_MEMORY | MT_RW | MT_SECURE) + /* * Table of regions for different BL stages to map using the MMU. * This doesn't include Trusted RAM as the 'mem_layout' argument passed to @@ -85,7 +90,8 @@ static const mmap_region_t juno_mmap[] = { MAP_IOFPGA, MAP_DEVICE0, MAP_DEVICE1, - MAP_DRAM, + MAP_NS_DRAM, + MAP_TSP_MEM, {0} }; #endif 
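Review bot: The new `REG_ATTR_FILTER_BIT(x)` macro in `tzc400.h` expands its argument unparenthesised, so an argument containing an operator of lower precedence than `<<` (for example `i & 3`) would select the wrong filter bit. I would write it as `#define REG_ATTR_FILTER_BIT(x) ((1 << (x)) << REG_ATTR_F_EN_SHIFT)`. Masking the result with `REG_ATTR_FILTER_BIT_ALL` would also keep an out-of-range filter index from spilling into the other attribute bits of the register.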
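Review bot: `MAP_TSP_MEM` is added to `juno_mmap[]` unconditionally, but with the default `PLAT_TSP_LOCATION=tsram` the `platform_def.h` hunk defines `TSP_SEC_MEM_BASE`/`TSP_SEC_MEM_SIZE` as `TZRAM_BASE`/`TZRAM_SIZE`. The table would then carry a read-write secure mapping of the whole Trusted SRAM, which contradicts the context comment saying the table does not include Trusted RAM. It may also overlap the mappings derived from `mem_layout`, including any read-only code region; how the translation-table library resolves that overlap is not visible here. Guarding the entry with `#if PLAT_TSP_LOCATION_ID == PLAT_DRAM_ID` would limit the extra mapping to the case that needs it. Which BL stage this table belongs to lies outside the hunk.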
diff --git a/plat/juno/bl2_plat_setup.c b/plat/juno/bl2_plat_setup.c index ba4c5be1e..900a587fd 100644 --- a/plat/juno/bl2_plat_setup.c +++ b/plat/juno/bl2_plat_setup.c @@ -312,8 +312,8 @@ void bl2_plat_get_bl32_meminfo(meminfo_t *bl32_meminfo) ******************************************************************************/ void bl2_plat_get_bl33_meminfo(meminfo_t *bl33_meminfo) { - bl33_meminfo->total_base = DRAM_BASE; - bl33_meminfo->total_size = DRAM_SIZE; - bl33_meminfo->free_base = DRAM_BASE; - bl33_meminfo->free_size = DRAM_SIZE; + bl33_meminfo->total_base = DRAM_NS_BASE; + bl33_meminfo->total_size = DRAM_NS_SIZE; + bl33_meminfo->free_base = DRAM_NS_BASE; + bl33_meminfo->free_size = DRAM_NS_SIZE; } diff --git a/plat/juno/include/platform_def.h b/plat/juno/include/platform_def.h index 6d9d0fb00..e746d0287 100644 --- a/plat/juno/include/platform_def.h +++ b/plat/juno/include/platform_def.h @@ -125,10 +125,20 @@ /******************************************************************************* * BL3-2 specific defines. ******************************************************************************/ -#define TSP_SEC_MEM_BASE TZRAM_BASE -#define TSP_SEC_MEM_SIZE TZRAM_SIZE -#define BL32_BASE (TZRAM_BASE + TZRAM_SIZE - 0x1d000) -#define BL32_LIMIT BL2_BASE +#if (PLAT_TSP_LOCATION_ID == PLAT_TRUSTED_SRAM_ID) +# define TSP_SEC_MEM_BASE TZRAM_BASE +# define TSP_SEC_MEM_SIZE TZRAM_SIZE +# define BL32_BASE (TZRAM_BASE + TZRAM_SIZE - 0x1d000) +# define BL32_LIMIT BL2_BASE +#elif (PLAT_TSP_LOCATION_ID == PLAT_DRAM_ID) +# define TSP_SEC_MEM_BASE DRAM_SEC_BASE +# define TSP_SEC_MEM_SIZE (DRAM_SEC_SIZE - DRAM_SCP_SIZE) +# define BL32_BASE DRAM_SEC_BASE +# define BL32_LIMIT (DRAM_SEC_BASE + DRAM_SEC_SIZE - \ + DRAM_SCP_SIZE) +#else +# error "Unsupported PLAT_TSP_LOCATION_ID value" +#endif /******************************************************************************* * Load address of BL3-3 in the Juno port 
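Review bot: In the `PLAT_DRAM_ID` branch of `platform_def.h` the SCP carve-out appears to be subtracted twice. `juno_def.h` already defines `DRAM_SEC_BASE` as `DRAM_SCP_BASE - DRAM_SEC_SIZE`, so the secure region is 0xFF000000 to 0xFFE00000 and excludes the 2 MB SCP area. With the extra `- DRAM_SCP_SIZE`, `BL32_LIMIT` evaluates to 0xFFC00000 and `TSP_SEC_MEM_SIZE` to 12 MB, while the `firmware-design.md` diagram in this patch shows BL3-2 up to 0xFFE00000. This errs on the safe side, but the top 2 MB of secure DRAM end up unmapped and unusable. If that is unintended, use `# define TSP_SEC_MEM_SIZE DRAM_SEC_SIZE` and `# define BL32_LIMIT (DRAM_SEC_BASE + DRAM_SEC_SIZE)`; otherwise correct the diagram.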
@@ -139,7 +149,15 @@ * Platform specific page table and MMU setup constants ******************************************************************************/ #define ADDR_SPACE_SIZE (1ull << 32) -#define MAX_XLAT_TABLES 2 + +#if IMAGE_BL1 || IMAGE_BL31 +# define MAX_XLAT_TABLES 2 +#endif + +#if IMAGE_BL2 || IMAGE_BL32 +# define MAX_XLAT_TABLES 3 +#endif + #define MAX_MMAP_REGIONS 16 /******************************************************************************* diff --git a/plat/juno/juno_def.h b/plat/juno/juno_def.h index 15296ed8f..88e35b0d0 100644 --- a/plat/juno/juno_def.h +++ b/plat/juno/juno_def.h @@ -37,6 +37,9 @@ /******************************************************************************* * Juno memory map related constants ******************************************************************************/ +#define PLAT_TRUSTED_SRAM_ID 0 +#define PLAT_DRAM_ID 1 + #define MHU_SECURE_BASE 0x04000000 #define MHU_SECURE_SIZE 0x00001000 @@ -73,6 +76,26 @@ #define DRAM_BASE 0x80000000 #define DRAM_SIZE 0x80000000 +/* + * DRAM at 0x8000_0000 is divided in two regions: + * - Secure DRAM (default is the top 16MB except for the last 2MB, which are + * used by the SCP for DDR retraining) + * - Non-Secure DRAM (remaining DRAM starting at DRAM_BASE) + */ + +#define DRAM_SCP_SIZE 0x00200000 +#define DRAM_SCP_BASE (DRAM_BASE + DRAM_SIZE - DRAM_SCP_SIZE) + +#define DRAM_SEC_SIZE 0x00E00000 +#define DRAM_SEC_BASE (DRAM_SCP_BASE - DRAM_SEC_SIZE) + +#define DRAM_NS_BASE DRAM_BASE +#define DRAM_NS_SIZE (DRAM_SIZE - DRAM_SCP_SIZE - DRAM_SEC_SIZE) + +/* Second region of DRAM */ +#define DRAM2_BASE 0x880000000 +#define DRAM2_SIZE 0x180000000 + /* Memory mapped Generic timer interfaces */ #define SYS_CNTCTL_BASE 0x2a430000 #define SYS_CNTREAD_BASE 0x2a800000 diff --git a/plat/juno/plat_security.c b/plat/juno/plat_security.c index 851a39e8e..64e493f63 100644 --- a/plat/juno/plat_security.c +++ b/plat/juno/plat_security.c 
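Review bot: `MAX_XLAT_TABLES` in `platform_def.h` is now defined only inside two independent `#if` blocks, so a translation unit built with none of `IMAGE_BL1`, `IMAGE_BL2`, `IMAGE_BL31` or `IMAGE_BL32` set gets no definition and fails later with an unrelated-looking error. Chaining the second block as `#elif IMAGE_BL2 || IMAGE_BL32` and ending with `#else` / `# error "MAX_XLAT_TABLES: unknown BL image"` makes the failure explicit. A short comment on why BL2 and BL3-2 need a third table (presumably the extra secure DRAM mapping) would help the next port.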
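Review bot: In `juno_def.h`, `DRAM_SCP_BASE` is computed as `DRAM_BASE + DRAM_SIZE - DRAM_SCP_SIZE`, and the intermediate sum 0x80000000 + 0x80000000 does not fit in 32 bits. Both constants have type `unsigned int` in C, so the expression gives 0xFFE00000 only through unsigned wrap-around. The same happens with `DRAM_SCP_BASE + DRAM_SCP_SIZE - 1` in the TZC region setup in `plat_security.c`. Since these values become TrustZone region boundaries, I would remove the reliance on wrap-around by reordering to `#define DRAM_SCP_BASE (DRAM_BASE + (DRAM_SIZE - DRAM_SCP_SIZE))`. The new `DRAM2_BASE` and `DRAM2_SIZE` exceed 32 bits, so they would benefit from an explicit `ull` suffix if the header is never included from assembly, which is not visible here.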
@@ -43,9 +43,38 @@ static void init_tzc400(void) /* Disable filters. */ tzc_disable_filters(); - /* Configure region 0. Juno TZC-400 handles 40-bit addresses. */ - tzc_configure_region(0xf, 0, 0x0ull, 0xffffffffffull, - TZC_REGION_S_RDWR, + /* Region 1 set to cover Non-Secure DRAM at 0x8000_0000. Apply the + * same configuration to all filters in the TZC. */ + tzc_configure_region(REG_ATTR_FILTER_BIT_ALL, 1, + DRAM_NS_BASE, DRAM_NS_BASE + DRAM_NS_SIZE - 1, + TZC_REGION_S_NONE, + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CCI400) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_PCIE) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD0) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD1) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_USB) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_DMA330) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_THINLINKS) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_AP) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) | + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT)); + + /* Region 2 set to cover Secure DRAM */ + tzc_configure_region(REG_ATTR_FILTER_BIT_ALL, 2, + DRAM_SEC_BASE, DRAM_SEC_BASE + DRAM_SEC_SIZE - 1, + TZC_REGION_S_RDWR, + 0); + + /* Region 3 set to cover DRAM used by SCP for DDR retraining */ + tzc_configure_region(REG_ATTR_FILTER_BIT_ALL, 3, + DRAM_SCP_BASE, DRAM_SCP_BASE + DRAM_SCP_SIZE - 1, + TZC_REGION_S_NONE, + TZC_REGION_ACCESS_RDWR(TZC400_NSAID_SCP)); + + /* Region 4 set to cover Non-Secure DRAM at 0x8_8000_0000 */ + tzc_configure_region(REG_ATTR_FILTER_BIT_ALL, 4, + DRAM2_BASE, DRAM2_BASE + DRAM2_SIZE - 1, + TZC_REGION_S_NONE, TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CCI400) | TZC_REGION_ACCESS_RDWR(TZC400_NSAID_PCIE) | TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD0) | 
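Review bot: After this hunk `init_tzc400()` no longer programs region 0, so any address not covered by regions 1 to 4 is governed by whatever the TZC-400 holds from reset or from an earlier configuration. I would set it explicitly before the other regions with `tzc_configure_region(REG_ATTR_FILTER_BIT_ALL, 0, 0x0ull, 0xffffffffffull, TZC_REGION_S_RDWR, 0);`, so the default is secure-only by construction rather than by assumption. The function's header comment sits above the hunk and still describes region 0 as giving Non-Secure masters full access, so it needs updating to describe the four-region split. The NSAID list is now duplicated for regions 1 and 4, and a single local macro for it would keep the two Non-Secure regions from drifting apart.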
@@ -55,7 +84,6 @@ static void init_tzc400(void) TZC_REGION_ACCESS_RDWR(TZC400_NSAID_THINLINKS) | TZC_REGION_ACCESS_RDWR(TZC400_NSAID_AP) | TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) | - TZC_REGION_ACCESS_RDWR(TZC400_NSAID_SCP) | TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT)); /* Raise an exception if a NS device tries to access secure memory */ diff --git a/plat/juno/platform.mk b/plat/juno/platform.mk index 2ac756eed..0637ef3d4 100644 --- a/plat/juno/platform.mk +++ b/plat/juno/platform.mk @@ -28,6 +28,23 @@ # POSSIBILITY OF SUCH DAMAGE. # +# On Juno, the Secure Payload can be loaded either in Trusted SRAM (default) or +# Secure DRAM allocated by the TrustZone Controller. + +PLAT_TSP_LOCATION := tsram + +ifeq (${PLAT_TSP_LOCATION}, tsram) + PLAT_TSP_LOCATION_ID := PLAT_TRUSTED_SRAM_ID +else ifeq (${PLAT_TSP_LOCATION}, dram) + PLAT_TSP_LOCATION_ID := PLAT_DRAM_ID +else + $(error "Unsupported PLAT_TSP_LOCATION value") +endif + +# Process flags +$(eval $(call add_define,PLAT_TSP_LOCATION_ID)) + + PLAT_INCLUDES := -Iplat/juno/include/ PLAT_BL_COMMON_SOURCES := drivers/arm/pl011/pl011_console.S \