1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017-2018, STMicroelectronics 4 * Copyright (c) 2016-2018, Linaro Limited 5 */ 6 7 #include <boot_api.h> 8 #include <console.h> 9 #include <drivers/gic.h> 10 #include <drivers/stm32_etzpc.h> 11 #include <drivers/stm32_uart.h> 12 #include <drivers/stm32mp1_etzpc.h> 13 #include <dt-bindings/clock/stm32mp1-clks.h> 14 #include <kernel/generic_boot.h> 15 #include <kernel/dt.h> 16 #include <kernel/misc.h> 17 #include <kernel/panic.h> 18 #include <kernel/pm_stubs.h> 19 #include <kernel/spinlock.h> 20 #include <mm/core_memprot.h> 21 #include <platform_config.h> 22 #include <sm/psci.h> 23 #include <stm32_util.h> 24 #include <tee/entry_std.h> 25 #include <tee/entry_fast.h> 26 #include <trace.h> 27 28 #ifdef CFG_WITH_NSEC_GPIOS 29 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, GPIOS_NSEC_BASE, GPIOS_NSEC_SIZE); 30 #endif 31 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, I2C4_BASE, SMALL_PAGE_SIZE); 32 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, I2C6_BASE, SMALL_PAGE_SIZE); 33 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, RNG1_BASE, SMALL_PAGE_SIZE); 34 #ifdef CFG_WITH_NSEC_UARTS 35 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, USART1_BASE, SMALL_PAGE_SIZE); 36 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, USART2_BASE, SMALL_PAGE_SIZE); 37 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, USART3_BASE, SMALL_PAGE_SIZE); 38 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, UART4_BASE, SMALL_PAGE_SIZE); 39 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, UART5_BASE, SMALL_PAGE_SIZE); 40 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, USART6_BASE, SMALL_PAGE_SIZE); 41 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, UART7_BASE, SMALL_PAGE_SIZE); 42 register_phys_mem_pgdir(MEM_AREA_IO_NSEC, UART8_BASE, SMALL_PAGE_SIZE); 43 #endif 44 45 register_phys_mem_pgdir(MEM_AREA_IO_SEC, BSEC_BASE, SMALL_PAGE_SIZE); 46 register_phys_mem_pgdir(MEM_AREA_IO_SEC, ETZPC_BASE, SMALL_PAGE_SIZE); 47 register_phys_mem_pgdir(MEM_AREA_IO_SEC, GIC_BASE, GIC_SIZE); 48 register_phys_mem_pgdir(MEM_AREA_IO_SEC, GPIOZ_BASE, SMALL_PAGE_SIZE); 49 register_phys_mem_pgdir(MEM_AREA_IO_SEC, I2C4_BASE, SMALL_PAGE_SIZE); 50 register_phys_mem_pgdir(MEM_AREA_IO_SEC, I2C6_BASE, SMALL_PAGE_SIZE); 51 register_phys_mem_pgdir(MEM_AREA_IO_SEC, PWR_BASE, SMALL_PAGE_SIZE); 52 register_phys_mem_pgdir(MEM_AREA_IO_SEC, RCC_BASE, SMALL_PAGE_SIZE); 53 register_phys_mem_pgdir(MEM_AREA_IO_SEC, RNG1_BASE, SMALL_PAGE_SIZE); 54 register_phys_mem_pgdir(MEM_AREA_IO_SEC, TAMP_BASE, SMALL_PAGE_SIZE); 55 register_phys_mem_pgdir(MEM_AREA_IO_SEC, USART1_BASE, SMALL_PAGE_SIZE); 56 57 static void main_fiq(void); 58 59 static const struct thread_handlers handlers = { 60 .nintr = main_fiq, 61 .cpu_on = pm_panic, 62 .cpu_off = pm_panic, 63 .cpu_suspend = pm_panic, 64 .cpu_resume = pm_panic, 65 .system_off = pm_panic, 66 .system_reset = pm_panic, 67 }; 68 69 const struct thread_handlers *generic_boot_get_handlers(void) 70 { 71 return &handlers; 72 } 73 74 #define _ID2STR(id) (#id) 75 #define ID2STR(id) _ID2STR(id) 76 77 static TEE_Result platform_banner(void) 78 { 79 #ifdef CFG_EMBED_DTB 80 IMSG("Platform stm32mp1: flavor %s - DT %s", 81 ID2STR(PLATFORM_FLAVOR), 82 ID2STR(CFG_EMBED_DTB_SOURCE_FILE)); 83 #else 84 IMSG("Platform stm32mp1: flavor %s - no device tree", 85 ID2STR(PLATFORM_FLAVOR)); 86 #endif 87 88 return TEE_SUCCESS; 89 } 90 service_init(platform_banner); 91 92 /* 93 * Console 94 * 95 * CFG_STM32_EARLY_CONSOLE_UART specifies the ID of the UART used for 96 * trace console. Value 0 disables the early console. 97 * 98 * We cannot use the generic serial_console support since probing 99 * the console requires the platform clock driver to be already 100 * up and ready which is done only once service_init are completed. 101 */ 102 static struct stm32_uart_pdata console_data; 103 104 void console_init(void) 105 { 106 /* Early console initialization before MMU setup */ 107 struct uart { 108 paddr_t pa; 109 bool secure; 110 } uarts[] = { 111 [0] = { .pa = 0 }, 112 [1] = { .pa = USART1_BASE, .secure = true, }, 113 [2] = { .pa = USART2_BASE, .secure = false, }, 114 [3] = { .pa = USART3_BASE, .secure = false, }, 115 [4] = { .pa = UART4_BASE, .secure = false, }, 116 [5] = { .pa = UART5_BASE, .secure = false, }, 117 [6] = { .pa = USART6_BASE, .secure = false, }, 118 [7] = { .pa = UART7_BASE, .secure = false, }, 119 [8] = { .pa = UART8_BASE, .secure = false, }, 120 }; 121 122 COMPILE_TIME_ASSERT(ARRAY_SIZE(uarts) > CFG_STM32_EARLY_CONSOLE_UART); 123 assert(!cpu_mmu_enabled()); 124 125 if (!uarts[CFG_STM32_EARLY_CONSOLE_UART].pa) 126 return; 127 128 /* No clock yet bound to the UART console */ 129 console_data.clock = DT_INFO_INVALID_CLOCK; 130 131 console_data.secure = uarts[CFG_STM32_EARLY_CONSOLE_UART].secure; 132 stm32_uart_init(&console_data, uarts[CFG_STM32_EARLY_CONSOLE_UART].pa); 133 134 register_serial_console(&console_data.chip); 135 136 IMSG("Early console on UART#%u", CFG_STM32_EARLY_CONSOLE_UART); 137 } 138 139 #ifdef CFG_DT 140 static TEE_Result init_console_from_dt(void) 141 { 142 struct stm32_uart_pdata *pd = NULL; 143 void *fdt = NULL; 144 int node = 0; 145 TEE_Result res = TEE_ERROR_GENERIC; 146 147 fdt = get_embedded_dt(); 148 res = get_console_node_from_dt(fdt, &node, NULL, NULL); 149 if (res == TEE_ERROR_ITEM_NOT_FOUND) { 150 fdt = get_external_dt(); 151 res = get_console_node_from_dt(fdt, &node, NULL, NULL); 152 if (res == TEE_ERROR_ITEM_NOT_FOUND) 153 return TEE_SUCCESS; 154 if (res != TEE_SUCCESS) 155 return res; 156 } 157 158 pd = stm32_uart_init_from_dt_node(fdt, node); 159 if (!pd) { 160 IMSG("DTB disables console"); 161 register_serial_console(NULL); 162 return TEE_SUCCESS; 163 } 164 165 /* Replace early console with the new one */ 166 console_flush(); 167 console_data = *pd; 168 free(pd); 169 register_serial_console(&console_data.chip); 170 IMSG("DTB enables console (%ssecure)", pd->secure ? "" : "non-"); 171 172 return TEE_SUCCESS; 173 } 174 175 /* Probe console from DT once clock inits (service init level) are completed */ 176 service_init_late(init_console_from_dt); 177 #endif 178 179 /* 180 * GIC init, used also for primary/secondary boot core wake completion 181 */ 182 static struct gic_data gic_data; 183 184 static void main_fiq(void) 185 { 186 gic_it_handle(&gic_data); 187 } 188 189 void main_init_gic(void) 190 { 191 assert(cpu_mmu_enabled()); 192 193 gic_init(&gic_data, get_gicc_base(), get_gicd_base()); 194 itr_init(&gic_data.chip); 195 196 stm32mp_register_online_cpu(); 197 } 198 199 void main_secondary_init_gic(void) 200 { 201 gic_cpu_init(&gic_data); 202 203 stm32mp_register_online_cpu(); 204 } 205 206 #ifndef CFG_EMBED_DTB 207 static TEE_Result init_stm32mp1_drivers(void) 208 { 209 /* Without secure DTB support, some drivers must be inited */ 210 stm32_etzpc_init(ETZPC_BASE); 211 212 return TEE_SUCCESS; 213 } 214 driver_init(init_stm32mp1_drivers); 215 #endif /*!CFG_EMBED_DTB*/ 216 217 /* Platform initializations once all drivers are ready */ 218 static TEE_Result init_late_stm32mp1_drivers(void) 219 { 220 /* Secure internal memories for the platform, once ETZPC is ready */ 221 etzpc_configure_tzma(0, ETZPC_TZMA_ALL_SECURE); 222 etzpc_lock_tzma(0); 223 etzpc_configure_tzma(1, ETZPC_TZMA_ALL_SECURE); 224 etzpc_lock_tzma(1); 225 226 /* Static secure DECPROT configuration */ 227 etzpc_configure_decprot(STM32MP1_ETZPC_STGENC_ID, ETZPC_DECPROT_S_RW); 228 etzpc_configure_decprot(STM32MP1_ETZPC_BKPSRAM_ID, ETZPC_DECPROT_S_RW); 229 etzpc_configure_decprot(STM32MP1_ETZPC_IWDG1_ID, ETZPC_DECPROT_S_RW); 230 etzpc_configure_decprot(STM32MP1_ETZPC_DDRCTRL_ID, ETZPC_DECPROT_S_RW); 231 etzpc_configure_decprot(STM32MP1_ETZPC_DDRPHYC_ID, ETZPC_DECPROT_S_RW); 232 etzpc_lock_decprot(STM32MP1_ETZPC_STGENC_ID); 233 etzpc_lock_decprot(STM32MP1_ETZPC_BKPSRAM_ID); 234 etzpc_lock_decprot(STM32MP1_ETZPC_IWDG1_ID); 235 etzpc_lock_decprot(STM32MP1_ETZPC_DDRCTRL_ID); 236 etzpc_lock_decprot(STM32MP1_ETZPC_DDRPHYC_ID); 237 /* Static non-secure DECPROT configuration */ 238 etzpc_configure_decprot(STM32MP1_ETZPC_I2C4_ID, ETZPC_DECPROT_NS_RW); 239 etzpc_configure_decprot(STM32MP1_ETZPC_RNG1_ID, ETZPC_DECPROT_NS_RW); 240 etzpc_configure_decprot(STM32MP1_ETZPC_HASH1_ID, ETZPC_DECPROT_NS_RW); 241 etzpc_configure_decprot(STM32MP1_ETZPC_CRYP1_ID, ETZPC_DECPROT_NS_RW); 242 /* Release few resource to the non-secure world */ 243 etzpc_configure_decprot(STM32MP1_ETZPC_USART1_ID, ETZPC_DECPROT_NS_RW); 244 etzpc_configure_decprot(STM32MP1_ETZPC_SPI6_ID, ETZPC_DECPROT_NS_RW); 245 etzpc_configure_decprot(STM32MP1_ETZPC_I2C6_ID, ETZPC_DECPROT_NS_RW); 246 247 return TEE_SUCCESS; 248 } 249 driver_init_late(init_late_stm32mp1_drivers); 250 251 vaddr_t get_gicc_base(void) 252 { 253 struct io_pa_va base = { .pa = GIC_BASE + GICC_OFFSET }; 254 255 return io_pa_or_va_secure(&base); 256 } 257 258 vaddr_t get_gicd_base(void) 259 { 260 struct io_pa_va base = { .pa = GIC_BASE + GICD_OFFSET }; 261 262 return io_pa_or_va_secure(&base); 263 } 264 265 void stm32mp_get_bsec_static_cfg(struct stm32_bsec_static_cfg *cfg) 266 { 267 cfg->base = BSEC_BASE; 268 cfg->upper_start = STM32MP1_UPPER_OTP_START; 269 cfg->max_id = STM32MP1_OTP_MAX_ID; 270 cfg->closed_device_id = DATA0_OTP; 271 cfg->closed_device_position = DATA0_OTP_SECURED_POS; 272 } 273 274 bool stm32mp_is_closed_device(void) 275 { 276 uint32_t otp = 0; 277 TEE_Result result = TEE_ERROR_GENERIC; 278 279 /* Non closed_device platform expects fuse well programmed to 0 */ 280 result = stm32_bsec_shadow_read_otp(&otp, DATA0_OTP); 281 if (!result && !(otp & BIT(DATA0_OTP_SECURED_POS))) 282 return false; 283 284 return true; 285 } 286 287 uint32_t may_spin_lock(unsigned int *lock) 288 { 289 if (!lock || !cpu_mmu_enabled()) 290 return 0; 291 292 return cpu_spin_lock_xsave(lock); 293 } 294 295 void may_spin_unlock(unsigned int *lock, uint32_t exceptions) 296 { 297 if (!lock || !cpu_mmu_enabled()) 298 return; 299 300 cpu_spin_unlock_xrestore(lock, exceptions); 301 } 302 303 static vaddr_t stm32_tamp_base(void) 304 { 305 static struct io_pa_va base = { .pa = TAMP_BASE }; 306 307 return io_pa_or_va_secure(&base); 308 } 309 310 static vaddr_t bkpreg_base(void) 311 { 312 return stm32_tamp_base() + TAMP_BKP_REGISTER_OFF; 313 } 314 315 vaddr_t stm32mp_bkpreg(unsigned int idx) 316 { 317 return bkpreg_base() + (idx * sizeof(uint32_t)); 318 } 319 320 vaddr_t stm32_get_gpio_bank_base(unsigned int bank) 321 { 322 static struct io_pa_va gpios_nsec_base = { .pa = GPIOS_NSEC_BASE }; 323 static struct io_pa_va gpioz_base = { .pa = GPIOZ_BASE }; 324 325 /* Get non-secure mapping address for GPIOZ */ 326 if (bank == GPIO_BANK_Z) 327 return io_pa_or_va_nsec(&gpioz_base); 328 329 COMPILE_TIME_ASSERT(GPIO_BANK_A == 0); 330 assert(bank <= GPIO_BANK_K); 331 332 return io_pa_or_va_nsec(&gpios_nsec_base) + (bank * GPIO_BANK_OFFSET); 333 } 334 335 unsigned int stm32_get_gpio_bank_offset(unsigned int bank) 336 { 337 if (bank == GPIO_BANK_Z) 338 return 0; 339 340 assert(bank <= GPIO_BANK_K); 341 return bank * GPIO_BANK_OFFSET; 342 } 343 344 unsigned int stm32_get_gpio_bank_clock(unsigned int bank) 345 { 346 if (bank == GPIO_BANK_Z) 347 return GPIOZ; 348 349 assert(bank <= GPIO_BANK_K); 350 return GPIOA + bank; 351 } 352