xref: /rk3399_ARM-atf/plat/arm/common/arm_tzc400.c (revision 1a29aba3673b753664e97fcfed1e3d38f138b3b7) 
1 /*
2  * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <arm_def.h>
8 #include <arm_spm_def.h>
9 #include <debug.h>
10 #include <plat_arm.h>
11 #include <platform_def.h>
12 #include <tzc400.h>
13 
14 
15 /* Weak definitions may be overridden in specific ARM standard platform */
16 #pragma weak plat_arm_security_setup
17 
18 
19 /*******************************************************************************
20  * Initialize the TrustZone Controller for ARM standard platforms.
21  * When booting an EL3 payload, this is simplified: we configure region 0 with
22  * secure access only and do not enable any other region.
23  ******************************************************************************/
24 void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions)
25 {
26 #ifndef EL3_PAYLOAD_BASE
27 	unsigned int region_index = 1U;
28 	const arm_tzc_regions_info_t *p;
29 	const arm_tzc_regions_info_t init_tzc_regions[] = {
30 		ARM_TZC_REGIONS_DEF,
31 		{0}
32 	};
33 #endif
34 
35 	INFO("Configuring TrustZone Controller\n");
36 
37 	tzc400_init(PLAT_ARM_TZC_BASE);
38 
39 	/* Disable filters. */
40 	tzc400_disable_filters();
41 
42 #ifndef EL3_PAYLOAD_BASE
43 	if (tzc_regions == NULL)
44 		p = init_tzc_regions;
45 	else
46 		p = tzc_regions;
47 
48 	/* Region 0 set to no access by default */
49 	tzc400_configure_region0(TZC_REGION_S_NONE, 0);
50 
51 	/* Rest Regions set according to tzc_regions array */
52 	for (; p->base != 0ULL; p++) {
53 		tzc400_configure_region(PLAT_ARM_TZC_FILTERS, region_index,
54 			p->base, p->end, p->sec_attr, p->nsaid_permissions);
55 		region_index++;
56 	}
57 
58 	INFO("Total %u regions set.\n", region_index);
59 
60 #else /* if defined(EL3_PAYLOAD_BASE) */
61 
62 	/* Allow Secure and Non-secure access to DRAM for EL3 payloads */
63 	tzc400_configure_region0(TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS);
64 
65 #endif /* EL3_PAYLOAD_BASE */
66 
67 	/*
68 	 * Raise an exception if a NS device tries to access secure memory
69 	 * TODO: Add interrupt handling support.
70 	 */
71 	tzc400_set_action(TZC_ACTION_ERR);
72 
73 	/* Enable filters. */
74 	tzc400_enable_filters();
75 }
76 
77 void plat_arm_security_setup(void)
78 {
79 	arm_tzc400_setup(NULL);
80 }
81