1 /* 2 * Copyright 2021 NXP 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 */ 7 8 #include <common/debug.h> 9 10 #include <plat_tzc400.h> 11 12 #pragma weak populate_tzc400_reg_list 13 14 #ifdef DEFAULT_TZASC_CONFIG 15 /* 16 * Typical Memory map of DRAM0 17 * |-----------NXP_NS_DRAM_ADDR ( = NXP_DRAM0_ADDR)----------| 18 * | | 19 * | | 20 * | Non-SECURE REGION | 21 * | | 22 * | | 23 * | | 24 * |------- (NXP_NS_DRAM_ADDR + NXP_NS_DRAM_SIZE - 1) -------| 25 * |-----------------NXP_SECURE_DRAM_ADDR--------------------| 26 * | | 27 * | | 28 * | | 29 * | SECURE REGION (= 64MB) | 30 * | | 31 * | | 32 * | | 33 * |--- (NXP_SECURE_DRAM_ADDR + NXP_SECURE_DRAM_SIZE - 1)----| 34 * |-----------------NXP_SP_SHRD_DRAM_ADDR-------------------| 35 * | | 36 * | Secure EL1 Payload SHARED REGION (= 2MB) | 37 * | | 38 * |-----------(NXP_DRAM0_ADDR + NXP_DRAM0_SIZE - 1)---------| 39 * 40 * 41 * 42 * Typical Memory map of DRAM1 43 * |---------------------NXP_DRAM1_ADDR----------------------| 44 * | | 45 * | | 46 * | Non-SECURE REGION | 47 * | | 48 * | | 49 * |---(NXP_DRAM1_ADDR + Dynamically calculated Size - 1) ---| 50 * 51 * 52 * Typical Memory map of DRAM2 53 * |---------------------NXP_DRAM2_ADDR----------------------| 54 * | | 55 * | | 56 * | Non-SECURE REGION | 57 * | | 58 * | | 59 * |---(NXP_DRAM2_ADDR + Dynamically calculated Size - 1) ---| 60 */ 61 62 /***************************************************************************** 63 * This function sets up access permissions on memory regions 64 * 65 * Input: 66 * tzc400_reg_list : TZC400 Region List 67 * dram_idx : DRAM index 68 * list_idx : TZC400 Region List Index 69 * dram_start_addr : Start address of DRAM at dram_idx. 70 * dram_size : Size of DRAM at dram_idx. 71 * secure_dram_sz : Secure DRAM Size 72 * shrd_dram_sz : Shared DRAM Size 73 * 74 * Out: 75 * list_idx : last populated index + 1 76 * 77 ****************************************************************************/ 78 int populate_tzc400_reg_list(struct tzc400_reg *tzc400_reg_list, 79 int dram_idx, int list_idx, 80 uint64_t dram_start_addr, 81 uint64_t dram_size, 82 uint32_t secure_dram_sz, 83 uint32_t shrd_dram_sz) 84 { 85 if (list_idx == 0) { 86 /* No need to configure TZC Region 0 in this list. 87 */ 88 list_idx++; 89 } 90 /* Continue with list entries for index > 0 */ 91 if (dram_idx == 0) { 92 /* TZC Region 1 on DRAM0 for Secure Memory*/ 93 tzc400_reg_list[list_idx].reg_filter_en = 1; 94 tzc400_reg_list[list_idx].start_addr = dram_start_addr + dram_size; 95 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size 96 + secure_dram_sz - 1; 97 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR; 98 tzc400_reg_list[list_idx].nsaid_permissions = TZC_REGION_NS_NONE; 99 list_idx++; 100 101 /* TZC Region 2 on DRAM0 for Shared Memory*/ 102 tzc400_reg_list[list_idx].reg_filter_en = 1; 103 tzc400_reg_list[list_idx].start_addr = dram_start_addr + dram_size 104 + secure_dram_sz; 105 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size 106 + secure_dram_sz 107 + shrd_dram_sz 108 - 1; 109 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR; 110 tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID; 111 list_idx++; 112 113 /* TZC Region 3 on DRAM0 for Non-Secure Memory*/ 114 tzc400_reg_list[list_idx].reg_filter_en = 1; 115 tzc400_reg_list[list_idx].start_addr = dram_start_addr; 116 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size 117 - 1; 118 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR; 119 tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID; 120 list_idx++; 121 } else { 122 /* TZC Region 3+i on DRAM(> 0) for Non-Secure Memory*/ 123 tzc400_reg_list[list_idx].reg_filter_en = 1; 124 tzc400_reg_list[list_idx].start_addr = dram_start_addr; 125 tzc400_reg_list[list_idx].end_addr = dram_start_addr + dram_size 126 - 1; 127 tzc400_reg_list[list_idx].sec_attr = TZC_REGION_S_RDWR; 128 tzc400_reg_list[list_idx].nsaid_permissions = TZC_NS_ACCESS_ID; 129 list_idx++; 130 } 131 132 return list_idx; 133 } 134 #else 135 int populate_tzc400_reg_list(struct tzc400_reg *tzc400_reg_list, 136 int dram_idx, int list_idx, 137 uint64_t dram_start_addr, 138 uint64_t dram_size, 139 uint32_t secure_dram_sz, 140 uint32_t shrd_dram_sz) 141 { 142 ERROR("tzc400_reg_list used is not a default list\n"); 143 ERROR("%s needs to be over-written.\n", __func__); 144 return 0; 145 } 146 #endif /* DEFAULT_TZASC_CONFIG */ 147 148 /******************************************************************************* 149 * Configure memory access permissions 150 * - Region 0 with no access; 151 * - Region 1 to 4 as per the tzc400_reg_list populated by 152 * function populate_tzc400_reg_list() with default for all the SoC. 153 ******************************************************************************/ 154 void mem_access_setup(uintptr_t base, uint32_t total_regions, 155 struct tzc400_reg *tzc400_reg_list) 156 { 157 uint32_t list_indx = 0U; 158 159 INFO("Configuring TrustZone Controller\n"); 160 161 tzc400_init(base); 162 163 /* Disable filters. */ 164 tzc400_disable_filters(); 165 166 /* Region 0 set to no access by default */ 167 tzc400_configure_region0(TZC_REGION_S_NONE, 0U); 168 169 for (list_indx = 1U; list_indx < total_regions; list_indx++) { 170 tzc400_configure_region( 171 tzc400_reg_list[list_indx].reg_filter_en, 172 list_indx, 173 tzc400_reg_list[list_indx].start_addr, 174 tzc400_reg_list[list_indx].end_addr, 175 tzc400_reg_list[list_indx].sec_attr, 176 tzc400_reg_list[list_indx].nsaid_permissions); 177 } 178 179 /* 180 * Raise an exception if a NS device tries to access secure memory 181 * TODO: Add interrupt handling support. 182 */ 183 tzc400_set_action(TZC_ACTION_ERR); 184 185 /* Enable filters. */ 186 tzc400_enable_filters(); 187 } 188