diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 17:43:51 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 17:43:51 +0000 |
| commit | be58c81aff4cd4c0ccf43dbd7998da4a6a08c03b (patch) | |
| tree | 779c248fb61c83f65d1f0dc867f2053d76b4e03a /plat/arm/common/arm_tzc400.c | |
| parent | Initial commit. (diff) | |
| download | arm-trusted-firmware-be58c81aff4cd4c0ccf43dbd7998da4a6a08c03b.tar.xz arm-trusted-firmware-be58c81aff4cd4c0ccf43dbd7998da4a6a08c03b.zip | |
Adding upstream version 2.10.0+dfsg.upstream/2.10.0+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'plat/arm/common/arm_tzc400.c')
| -rw-r--r-- | plat/arm/common/arm_tzc400.c | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/plat/arm/common/arm_tzc400.c b/plat/arm/common/arm_tzc400.c new file mode 100644 index 0000000..370ef0a --- /dev/null +++ b/plat/arm/common/arm_tzc400.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <platform_def.h> + +#include <common/debug.h> +#include <drivers/arm/tzc400.h> +#include <plat/arm/common/plat_arm.h> + +/* Weak definitions may be overridden in specific ARM standard platform */ +#pragma weak plat_arm_security_setup + + +/******************************************************************************* + * Initialize the TrustZone Controller for ARM standard platforms. + * When booting an EL3 payload, this is simplified: we configure region 0 with + * secure access only and do not enable any other region. + ******************************************************************************/ +void arm_tzc400_setup(uintptr_t tzc_base, + const arm_tzc_regions_info_t *tzc_regions) +{ +#ifndef EL3_PAYLOAD_BASE + unsigned int region_index = 1U; + const arm_tzc_regions_info_t *p; + const arm_tzc_regions_info_t init_tzc_regions[] = { + ARM_TZC_REGIONS_DEF, + {0} + }; +#endif + + INFO("Configuring TrustZone Controller\n"); + + tzc400_init(tzc_base); + + /* Disable filters. */ + tzc400_disable_filters(); + +#ifndef EL3_PAYLOAD_BASE + if (tzc_regions == NULL) + p = init_tzc_regions; + else + p = tzc_regions; + + /* Region 0 set to no access by default */ + tzc400_configure_region0(TZC_REGION_S_NONE, 0); + + /* Rest Regions set according to tzc_regions array */ + for (; p->base != 0ULL; p++) { + tzc400_configure_region(PLAT_ARM_TZC_FILTERS, region_index, + p->base, p->end, p->sec_attr, p->nsaid_permissions); + region_index++; + } + + INFO("Total %u regions set.\n", region_index); + +#else /* if defined(EL3_PAYLOAD_BASE) */ + + /* Allow Secure and Non-secure access to DRAM for EL3 payloads */ + tzc400_configure_region0(TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS); + +#endif /* EL3_PAYLOAD_BASE */ + + /* + * Raise an exception if a NS device tries to access secure memory + * TODO: Add interrupt handling support. + */ + tzc400_set_action(TZC_ACTION_ERR); + + /* Enable filters. */ + tzc400_enable_filters(); +} + +void plat_arm_security_setup(void) +{ + arm_tzc400_setup(PLAT_ARM_TZC_BASE, NULL); +} |