xref: /rk3399_ARM-atf/plat/arm/common/arm_tzc400.c (revision 70b0f2789e93f253bec5cbd2986d0de023c1bdf4) 
1 /*
2  * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <platform_def.h>
8 
9 #include <common/debug.h>
10 #include <drivers/arm/tzc400.h>
11 #include <plat/arm/common/plat_arm.h>
12 
13 /* Weak definitions may be overridden in specific ARM standard platform */
14 #pragma weak plat_arm_security_setup
15 
16 
17 /*******************************************************************************
18  * Initialize the TrustZone Controller for ARM standard platforms.
19  * When booting an EL3 payload, this is simplified: we configure region 0 with
20  * secure access only and do not enable any other region.
21  ******************************************************************************/
22 void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions)
23 {
24 #ifndef EL3_PAYLOAD_BASE
25 	unsigned int region_index = 1U;
26 	const arm_tzc_regions_info_t *p;
27 	const arm_tzc_regions_info_t init_tzc_regions[] = {
28 		ARM_TZC_REGIONS_DEF,
29 		{0}
30 	};
31 #endif
32 
33 	INFO("Configuring TrustZone Controller\n");
34 
35 	tzc400_init(PLAT_ARM_TZC_BASE);
36 
37 	/* Disable filters. */
38 	tzc400_disable_filters();
39 
40 #ifndef EL3_PAYLOAD_BASE
41 	if (tzc_regions == NULL)
42 		p = init_tzc_regions;
43 	else
44 		p = tzc_regions;
45 
46 	/* Region 0 set to no access by default */
47 	tzc400_configure_region0(TZC_REGION_S_NONE, 0);
48 
49 	/* Rest Regions set according to tzc_regions array */
50 	for (; p->base != 0ULL; p++) {
51 		tzc400_configure_region(PLAT_ARM_TZC_FILTERS, region_index,
52 			p->base, p->end, p->sec_attr, p->nsaid_permissions);
53 		region_index++;
54 	}
55 
56 	INFO("Total %u regions set.\n", region_index);
57 
58 #else /* if defined(EL3_PAYLOAD_BASE) */
59 
60 	/* Allow Secure and Non-secure access to DRAM for EL3 payloads */
61 	tzc400_configure_region0(TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS);
62 
63 #endif /* EL3_PAYLOAD_BASE */
64 
65 	/*
66 	 * Raise an exception if a NS device tries to access secure memory
67 	 * TODO: Add interrupt handling support.
68 	 */
69 	tzc400_set_action(TZC_ACTION_ERR);
70 
71 	/* Enable filters. */
72 	tzc400_enable_filters();
73 }
74 
75 void plat_arm_security_setup(void)
76 {
77 	arm_tzc400_setup(NULL);
78 }
79