summaryrefslogtreecommitdiffstats
path: root/drivers/nxp/tzc
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/nxp/tzc')
-rw-r--r--drivers/nxp/tzc/plat_tzc380.c152
-rw-r--r--drivers/nxp/tzc/plat_tzc400.c187
-rw-r--r--drivers/nxp/tzc/tzc.mk40
3 files changed, 379 insertions, 0 deletions
diff --git a/drivers/nxp/tzc/plat_tzc380.c b/drivers/nxp/tzc/plat_tzc380.c
new file mode 100644
index 0000000..13cf3b9
--- /dev/null
+++ b/drivers/nxp/tzc/plat_tzc380.c
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2018-2021 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+#include <plat_tzc380.h>
+
+#pragma weak populate_tzc380_reg_list
+
+#ifdef DEFAULT_TZASC_CONFIG
+/*
+ * Typical Memory map of DRAM0
+ * |-----------NXP_NS_DRAM_ADDR ( = NXP_DRAM0_ADDR)----------|
+ * | |
+ * | |
+ * | Non-SECURE REGION |
+ * | |
+ * | |
+ * | |
+ * |------- (NXP_NS_DRAM_ADDR + NXP_NS_DRAM_SIZE - 1) -------|
+ * |-----------------NXP_SECURE_DRAM_ADDR--------------------|
+ * | |
+ * | |
+ * | |
+ * | SECURE REGION (= 64MB) |
+ * | |
+ * | |
+ * | |
+ * |--- (NXP_SECURE_DRAM_ADDR + NXP_SECURE_DRAM_SIZE - 1)----|
+ * |-----------------NXP_SP_SHRD_DRAM_ADDR-------------------|
+ * | |
+ * | Secure EL1 Payload SHARED REGION (= 2MB) |
+ * | |
+ * |-----------(NXP_DRAM0_ADDR + NXP_DRAM0_SIZE - 1)---------|
+ *
+ *
+ *
+ * Typical Memory map of DRAM1
+ * |---------------------NXP_DRAM1_ADDR----------------------|
+ * | |
+ * | |
+ * | Non-SECURE REGION |
+ * | |
+ * | |
+ * |---(NXP_DRAM1_ADDR + Dynamically calculated Size - 1) ---|
+ *
+ *
+ * Typical Memory map of DRAM2
+ * |---------------------NXP_DRAM2_ADDR----------------------|
+ * | |
+ * | |
+ * | Non-SECURE REGION |
+ * | |
+ * | |
+ * |---(NXP_DRAM2_ADDR + Dynamically calculated Size - 1) ---|
+ */
+
+/*****************************************************************************
+ * This function sets up access permissions on memory regions
+ *
+ * Input:
+ * tzc380_reg_list : TZC380 Region List
+ * dram_idx : DRAM index
+ * list_idx : TZC380 Region List Index
+ * dram_start_addr : Start address of DRAM at dram_idx.
+ * dram_size : Size of DRAM at dram_idx.
+ * secure_dram_sz : Secure DRAM Size
+ * shrd_dram_sz : Shared DRAM Size
+ *
+ * Out:
+ * list_idx : last populated index + 1
+ *
+ ****************************************************************************/
+int populate_tzc380_reg_list(struct tzc380_reg *tzc380_reg_list,
+ int dram_idx, int list_idx,
+ uint64_t dram_start_addr,
+ uint64_t dram_size,
+ uint32_t secure_dram_sz,
+ uint32_t shrd_dram_sz)
+{
+ /* Region 0: Default region marked as Non-Secure */
+ if (list_idx == 0) {
+ tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_NS_RW;
+ tzc380_reg_list[list_idx].enabled = TZC_ATTR_REGION_DISABLE;
+ tzc380_reg_list[list_idx].addr = UL(0x0);
+ tzc380_reg_list[list_idx].size = 0x0;
+ tzc380_reg_list[list_idx].sub_mask = 0x0; /* all enabled */
+ list_idx++;
+ }
+ /* Continue with list entries for index > 0 */
+ if (dram_idx == 0) {
+ /* TZC Region 1 on DRAM0 for Secure Memory*/
+ tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_S_RW;
+ tzc380_reg_list[list_idx].enabled = TZC_ATTR_REGION_ENABLE;
+ tzc380_reg_list[list_idx].addr = dram_start_addr + dram_size;
+ tzc380_reg_list[list_idx].size = secure_dram_sz;
+ tzc380_reg_list[list_idx].sub_mask = 0x0; /* all enabled */
+ list_idx++;
+
+ /* TZC Region 2 on DRAM0 for Shared Memory*/
+ tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_S_RW;
+ tzc380_reg_list[list_idx].enabled = TZC_ATTR_REGION_ENABLE;
+ tzc380_reg_list[list_idx].addr = dram_start_addr + dram_size + secure_dram_sz;
+ tzc380_reg_list[list_idx].size = shrd_dram_sz;
+ tzc380_reg_list[list_idx].sub_mask = 0x0; /* all enabled */
+ list_idx++;
+
+ }
+
+ return list_idx;
+}
+#else
+int populate_tzc380_reg_list(struct tzc380_reg *tzc380_reg_list,
+ int dram_idx, int list_idx,
+ uint64_t dram_start_addr,
+ uint64_t dram_size,
+ uint32_t secure_dram_sz,
+ uint32_t shrd_dram_sz)
+{
+ ERROR("tzc380_reg_list used is not a default list\n");
+ ERROR("%s needs to be over-written.\n", __func__);
+ return 0;
+}
+#endif /* DEFAULT_TZASC_CONFIG */
+
+
+void mem_access_setup(uintptr_t base, uint32_t total_regions,
+ struct tzc380_reg *tzc380_reg_list)
+{
+ uint32_t indx = 0;
+ unsigned int attr_value;
+
+ VERBOSE("Configuring TrustZone Controller tzc380\n");
+
+ tzc380_init(base);
+
+ tzc380_set_action(TZC_ACTION_NONE);
+
+ for (indx = 0; indx < total_regions; indx++) {
+ attr_value = tzc380_reg_list[indx].secure |
+ TZC_ATTR_SUBREG_DIS(tzc380_reg_list[indx].sub_mask) |
+ TZC_ATTR_REGION_SIZE(tzc380_reg_list[indx].size) |
+ tzc380_reg_list[indx].enabled;
+
+ tzc380_configure_region(indx, tzc380_reg_list[indx].addr,
+ attr_value);
+ }
+
+ tzc380_set_action(TZC_ACTION_ERR);
+}
diff --git a/drivers/nxp/tzc/plat_tzc400.c b/drivers/nxp/tzc/plat_tzc400.c
new file mode 100644
index 0000000..4fe5221
--- /dev/null
+++ b/drivers/nxp/tzc/plat_tzc400.c
@@ -0,0 +1,187 @@
+/*
+ * Copyright 2021 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include <common/debug.h>
+
+#include <plat_tzc400.h>
+
+#pragma weak populate_tzc400_reg_list
+
+#ifdef DEFAULT_TZASC_CONFIG
+/*
+ * Typical Memory map of DRAM0
+ * |-----------NXP_NS_DRAM_ADDR ( = NXP_DRAM0_ADDR)----------|
+ * | |
+ * | |
+ * | Non-SECURE REGION |
+ * | |
+ * | |
+ * | |
+ * |------- (NXP_NS_DRAM_ADDR + NXP_NS_DRAM_SIZE - 1) -------|
+ * |-----------------NXP_SECURE_DRAM_ADDR--------------------|
+ * | |
+ * | |
+ * | |
+ * | SECURE REGION (= 64MB) |
+ * | |
+ * | |
+ * | |
+ * |--- (NXP_SECURE_DRAM_ADDR + NXP_SECURE_DRAM_SIZE - 1)----|
+ * |-----------------NXP_SP_SHRD_DRAM_ADDR-------------------|
+ * | |
+ * | Secure EL1 Payload SHARED REGION (= 2MB) |
+ * | |
+ * |-----------(NXP_DRAM0_ADDR + NXP_DRAM0_SIZE - 1)---------|
+ *
+ *
+ *
+ * Typical Memory map of DRAM1
+ * |---------------------NXP_DRAM1_ADDR----------------------|
+ * | |
+ * | |
+ * | Non-SECURE REGION |
+ * | |
+ * | |
+ * |---(NXP_DRAM1_ADDR + Dynamically calculated Size - 1) ---|
+ *
+ *
+ * Typical Memory map of DRAM2
+ * |---------------------NXP_DRAM2_ADDR----------------------|
+ * | |
+ * | |
+ * | Non-SECURE REGION |
+ * | |
+ * | |
+ * |---(NXP_DRAM2_ADDR + Dynamically calculated Size - 1) ---|
+ */
+
+/*****************************************************************************
+ * This function sets up access permissions on memory regions
+ *
+ * Input:
+ * tzc400_reg_list : TZC400 Region List
+ * dram_idx : DRAM index
+ * list_idx : TZC400 Region List Index
+ * dram_start_addr : Start address of DRAM at dram_idx.
+ * dram_size : Size of DRAM at dram_idx.
+ * secure_dram_sz : Secure DRAM Size
+ * shrd_dram_sz : Shared DRAM Size
+ *
+ * Out:
+ * list_idx : last populated index + 1
+ *
+ ****************************************************************************/
+int populate_tzc400_reg_list(struct tzc400_reg *tzc400_reg_list,
+ int dram_idx, int list_idx,
+ uint64_t dram_start_addr,
+ uint64_t dram_size,
+ uint32_t secure_dram_sz,
+ uint32_t shrd_dram_sz)
+{
+ if (list_idx == 0) {
+ /* No need to configure TZC Region 0 in this list.
+ */
+ list_idx++;
+ }
+ /* Continue with list entries for index > 0 */
+ if (dram_idx == 0) {
+ /* TZC Region 1 on DRAM0 for Secure Memory*/
+ tzc400_reg_list[list_idx].reg_filter_en = 1;
+ tzc400_reg_list[list_idx].start_addr = dram_start_addr + dram_size;
+ tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
+ + secure_dram_sz - 1;
+ tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
+ tzc400_reg_list[list_idx].nsaid_permissions = TZC_REGION_NS_NONE;
+ list_idx++;
+
+ /* TZC Region 2 on DRAM0 for Shared Memory*/
+ tzc400_reg_list[list_idx].reg_filter_en = 1;
+ tzc400_reg_list[list_idx].start_addr = dram_start_addr + dram_size
+ + secure_dram_sz;
+ tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
+ + secure_dram_sz
+ + shrd_dram_sz
+ - 1;
+ tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
+ tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID;
+ list_idx++;
+
+ /* TZC Region 3 on DRAM0 for Non-Secure Memory*/
+ tzc400_reg_list[list_idx].reg_filter_en = 1;
+ tzc400_reg_list[list_idx].start_addr = dram_start_addr;
+ tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
+ - 1;
+ tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
+ tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID;
+ list_idx++;
+ } else {
+ /* TZC Region 3+i on DRAM(> 0) for Non-Secure Memory*/
+ tzc400_reg_list[list_idx].reg_filter_en = 1;
+ tzc400_reg_list[list_idx].start_addr = dram_start_addr;
+ tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size
+ - 1;
+ tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR;
+ tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID;
+ list_idx++;
+ }
+
+ return list_idx;
+}
+#else
+int populate_tzc400_reg_list(struct tzc400_reg *tzc400_reg_list,
+ int dram_idx, int list_idx,
+ uint64_t dram_start_addr,
+ uint64_t dram_size,
+ uint32_t secure_dram_sz,
+ uint32_t shrd_dram_sz)
+{
+ ERROR("tzc400_reg_list used is not a default list\n");
+ ERROR("%s needs to be over-written.\n", __func__);
+ return 0;
+}
+#endif /* DEFAULT_TZASC_CONFIG */
+
+/*******************************************************************************
+ * Configure memory access permissions
+ * - Region 0 with no access;
+ * - Region 1 to 4 as per the tzc400_reg_list populated by
+ * function populate_tzc400_reg_list() with default for all the SoC.
+ ******************************************************************************/
+void mem_access_setup(uintptr_t base, uint32_t total_regions,
+ struct tzc400_reg *tzc400_reg_list)
+{
+ uint32_t list_indx = 0U;
+
+ INFO("Configuring TrustZone Controller\n");
+
+ tzc400_init(base);
+
+ /* Disable filters. */
+ tzc400_disable_filters();
+
+ /* Region 0 set to no access by default */
+ tzc400_configure_region0(TZC_REGION_S_NONE, 0U);
+
+ for (list_indx = 1U; list_indx < total_regions; list_indx++) {
+ tzc400_configure_region(
+ tzc400_reg_list[list_indx].reg_filter_en,
+ list_indx,
+ tzc400_reg_list[list_indx].start_addr,
+ tzc400_reg_list[list_indx].end_addr,
+ tzc400_reg_list[list_indx].sec_attr,
+ tzc400_reg_list[list_indx].nsaid_permissions);
+ }
+
+ /*
+ * Raise an exception if a NS device tries to access secure memory
+ * TODO: Add interrupt handling support.
+ */
+ tzc400_set_action(TZC_ACTION_ERR);
+
+ /* Enable filters. */
+ tzc400_enable_filters();
+}
diff --git a/drivers/nxp/tzc/tzc.mk b/drivers/nxp/tzc/tzc.mk
new file mode 100644
index 0000000..4418bfc
--- /dev/null
+++ b/drivers/nxp/tzc/tzc.mk
@@ -0,0 +1,40 @@
+#
+# Copyright 2021 NXP
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+ifeq (${ADD_TZASC},)
+
+ADD_TZASC := 1
+
+PLAT_INCLUDES += -I$(PLAT_DRIVERS_INCLUDE_PATH)/tzc
+
+ifeq ($(TZC_ID), TZC400)
+TZASC_SOURCES += drivers/arm/tzc/tzc400.c\
+ $(PLAT_DRIVERS_PATH)/tzc/plat_tzc400.c
+else
+ifeq ($(TZC_ID), TZC380)
+TZASC_SOURCES += drivers/arm/tzc/tzc380.c\
+ $(PLAT_DRIVERS_PATH)/tzc/plat_tzc380.c
+else
+ifeq ($(TZC_ID), NONE)
+ $(info -> No TZC present on platform)
+else
+ $(error -> TZC type not set!)
+endif
+endif
+endif
+
+ifeq (${BL_COMM_TZASC_NEEDED},yes)
+BL_COMMON_SOURCES += ${TZASC_SOURCES}
+else
+ifeq (${BL2_TZASC_NEEDED},yes)
+BL2_SOURCES += ${TZASC_SOURCES}
+endif
+ifeq (${BL31_TZASC_NEEDED},yes)
+BL31_SOURCES += ${TZASC_SOURCES}
+endif
+endif
+
+endif