feat(rk3568): add early CPU reset mechanism to enable crypto function

The CPU crypto is not default on when power up, need to enable it by
software. This commit implements a mechanism to enable the

feat(rk3568): add early CPU reset mechanism to enable crypto function

The CPU crypto is not default on when power up, need to enable it by
software. This commit implements a mechanism to enable the cryptographic
hardware accelerator on the RK3568 platform during early boot. The
function `rockchip_cpu_reset_early` is added and conditionally compiled
via the new build flag `PLAT_RK_CPU_RESET_EARLY`.

Change-Id: Ibe35f9d65bbb5280e71e21979ca1d3bc9b38cae5
Signed-off-by: Shengfei Xu <xsf@rock-chips.com>

show more ...

feat(rk3568): protect TF-As memory area with the DDR firewall

Similar to most (all?) other Rockchip SoCs, the RK3568 also has a DDR
firewall to restrict memory regions to secure usage.

The original

feat(rk3568): protect TF-As memory area with the DDR firewall

Similar to most (all?) other Rockchip SoCs, the RK3568 also has a DDR
firewall to restrict memory regions to secure usage.

The original submission didn't protect the TF-A's memory region, so
implement this now with knowledge gained from comments in the OPTEE
pull-request for the rk356x [0].

Contrary to other SoCs like RK3576 and RK3588, the RK3568 memory
regions are managed in blocks of 128KB, not blocks of 1MB size.
With the registers having 16bit for upper and lower block id, this then
can completely fill the 8GB max ram size the RK356x supports.

The whole behaviour was tested with a number of reads from main u-boot.
With the current config of protecting everything in the first MB of memory,
doing any reads before the 1MB border will trigger the expected
"Synchronous Abort" and restart.

So doing
=> md 0x100000 4
will succeed, but reading anything before this will trigger the Abort.

[0] https://github.com/OP-TEE/optee_os/pull/6954#issuecomment-3041255974

Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Tested-by: Diederik de Haas <diederik@cknow-tech.com>
Change-Id: I6c75ab2813566e727e46cea86dd229625a64dd3f

show more ...

feat(rk3568): bring DDR firewall naming in line

The TRM declares that region as FIREWALL_DDR, so name the memory region
accordingly in TF-A and also remove the double FW_DDR + _REG addon from
the on

feat(rk3568): bring DDR firewall naming in line

The TRM declares that region as FIREWALL_DDR, so name the memory region
accordingly in TF-A and also remove the double FW_DDR + _REG addon from
the one known register.

Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Change-Id: Ic098baa13b5c0b4cf339905030ee7d777bcbda34

show more ...

feat(rk3568): move existing secure init to separate files

Move the existing secure_timer_init() and sgrf_init() to a separate
file similar to the other Rockchip platforms.

This allows us to add add

feat(rk3568): move existing secure init to separate files

Move the existing secure_timer_init() and sgrf_init() to a separate
file similar to the other Rockchip platforms.

This allows us to add additional secure init later on.

Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Change-Id: I1151abed77d68b3730d505c547919e60415e3951

show more ...

fix(rockchip): fix comment and value about TZRAM_SIZE

TZRAM_SIZE is 0x100000 which is 1MB, not 512KB as the comment suggests.
Additionally using the existing SZ_1M constant is way nicer.

Signed-off

fix(rockchip): fix comment and value about TZRAM_SIZE

TZRAM_SIZE is 0x100000 which is 1MB, not 512KB as the comment suggests.
Additionally using the existing SZ_1M constant is way nicer.

Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Change-Id: I277347963b93f7ac69897cc1be252087521882e4

show more ...

feat(rk3568): support SCMI for clock/reset domain

rockchip scmi clock controls clocks which only available in secure mode.

Change-Id: Ide3a8dac72512ce79331592c3cbb86577de7df70
Signed-off-by: Shengf

feat(rk3568): support SCMI for clock/reset domain

rockchip scmi clock controls clocks which only available in secure mode.

Change-Id: Ide3a8dac72512ce79331592c3cbb86577de7df70
Signed-off-by: Shengfei Xu <xsf@rock-chips.com>

show more ...

refactor(build): make it standard to request a custom linker script

Hoist the add_define to a global location so that platforms only have to
declare its usage. Fix up #ifdef to #if since we will now

refactor(build): make it standard to request a custom linker script

Hoist the add_define to a global location so that platforms only have to
declare its usage. Fix up #ifdef to #if since we will now always pass a
definition.

Change-Id: Ia52ad5ed4dcbd157d139c8ca2fb3d35b32343b93
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

feat(rockchip): add RK3566/RK3568 Socs support

RK3566/RK3568 is a Quad-core soc and Cortex-a55 inside.
This patch supports the following functions:
1. basic platform setup
2. power up/off cpus
3. su

feat(rockchip): add RK3566/RK3568 Socs support

RK3566/RK3568 is a Quad-core soc and Cortex-a55 inside.
This patch supports the following functions:
1. basic platform setup
2. power up/off cpus
3. suspend/resume cpus
4. suspend/resume system
5. reset system

Signed-off-by: shengfei Xu <xsf@rock-chips.com>
Change-Id: I8b98a4d07664de26bd6078f63664cbc3d9c1c68c

show more ...