1 /* 2 * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 #include <errno.h> 9 #include <string.h> 10 11 #include <arch_helpers.h> 12 #include <common/bl_common.h> 13 #include <common/debug.h> 14 #include <common/desc_image_load.h> 15 #include <drivers/generic_delay_timer.h> 16 #include <drivers/mmc.h> 17 #include <drivers/st/bsec.h> 18 #include <drivers/st/regulator_fixed.h> 19 #include <drivers/st/stm32_iwdg.h> 20 #include <drivers/st/stm32_uart.h> 21 #include <drivers/st/stm32mp1_clk.h> 22 #include <drivers/st/stm32mp1_pwr.h> 23 #include <drivers/st/stm32mp1_ram.h> 24 #include <drivers/st/stm32mp_pmic.h> 25 #include <lib/fconf/fconf.h> 26 #include <lib/fconf/fconf_dyn_cfg_getter.h> 27 #include <lib/mmio.h> 28 #include <lib/optee_utils.h> 29 #include <lib/xlat_tables/xlat_tables_v2.h> 30 #include <plat/common/platform.h> 31 32 #include <platform_def.h> 33 #include <stm32mp_common.h> 34 #include <stm32mp1_dbgmcu.h> 35 36 #if DEBUG 37 static const char debug_msg[] = { 38 "***************************************************\n" 39 "** DEBUG ACCESS PORT IS OPEN! **\n" 40 "** This boot image is only for debugging purpose **\n" 41 "** and is unsafe for production use. **\n" 42 "** **\n" 43 "** If you see this message and you are not **\n" 44 "** debugging report this immediately to your **\n" 45 "** vendor! **\n" 46 "***************************************************\n" 47 }; 48 #endif 49 50 static struct stm32mp_auth_ops stm32mp1_auth_ops; 51 52 static void print_reset_reason(void) 53 { 54 uint32_t rstsr = mmio_read_32(stm32mp_rcc_base() + RCC_MP_RSTSCLRR); 55 56 if (rstsr == 0U) { 57 WARN("Reset reason unknown\n"); 58 return; 59 } 60 61 INFO("Reset reason (0x%x):\n", rstsr); 62 63 if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) == 0U) { 64 if ((rstsr & RCC_MP_RSTSCLRR_STDBYRSTF) != 0U) { 65 INFO("System exits from STANDBY\n"); 66 return; 67 } 68 69 if ((rstsr & RCC_MP_RSTSCLRR_CSTDBYRSTF) != 0U) { 70 INFO("MPU exits from CSTANDBY\n"); 71 return; 72 } 73 } 74 75 if ((rstsr & RCC_MP_RSTSCLRR_PORRSTF) != 0U) { 76 INFO(" Power-on Reset (rst_por)\n"); 77 return; 78 } 79 80 if ((rstsr & RCC_MP_RSTSCLRR_BORRSTF) != 0U) { 81 INFO(" Brownout Reset (rst_bor)\n"); 82 return; 83 } 84 85 if ((rstsr & RCC_MP_RSTSCLRR_MCSYSRSTF) != 0U) { 86 if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) != 0U) { 87 INFO(" System reset generated by MCU (MCSYSRST)\n"); 88 } else { 89 INFO(" Local reset generated by MCU (MCSYSRST)\n"); 90 } 91 return; 92 } 93 94 if ((rstsr & RCC_MP_RSTSCLRR_MPSYSRSTF) != 0U) { 95 INFO(" System reset generated by MPU (MPSYSRST)\n"); 96 return; 97 } 98 99 if ((rstsr & RCC_MP_RSTSCLRR_HCSSRSTF) != 0U) { 100 INFO(" Reset due to a clock failure on HSE\n"); 101 return; 102 } 103 104 if ((rstsr & RCC_MP_RSTSCLRR_IWDG1RSTF) != 0U) { 105 INFO(" IWDG1 Reset (rst_iwdg1)\n"); 106 return; 107 } 108 109 if ((rstsr & RCC_MP_RSTSCLRR_IWDG2RSTF) != 0U) { 110 INFO(" IWDG2 Reset (rst_iwdg2)\n"); 111 return; 112 } 113 114 if ((rstsr & RCC_MP_RSTSCLRR_MPUP0RSTF) != 0U) { 115 INFO(" MPU Processor 0 Reset\n"); 116 return; 117 } 118 119 if ((rstsr & RCC_MP_RSTSCLRR_MPUP1RSTF) != 0U) { 120 INFO(" MPU Processor 1 Reset\n"); 121 return; 122 } 123 124 if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) != 0U) { 125 INFO(" Pad Reset from NRST\n"); 126 return; 127 } 128 129 if ((rstsr & RCC_MP_RSTSCLRR_VCORERSTF) != 0U) { 130 INFO(" Reset due to a failure of VDD_CORE\n"); 131 return; 132 } 133 134 ERROR(" Unidentified reset reason\n"); 135 } 136 137 void bl2_el3_early_platform_setup(u_register_t arg0, 138 u_register_t arg1 __unused, 139 u_register_t arg2 __unused, 140 u_register_t arg3 __unused) 141 { 142 stm32mp_setup_early_console(); 143 144 stm32mp_save_boot_ctx_address(arg0); 145 } 146 147 void bl2_platform_setup(void) 148 { 149 int ret; 150 151 ret = stm32mp1_ddr_probe(); 152 if (ret < 0) { 153 ERROR("Invalid DDR init: error %d\n", ret); 154 panic(); 155 } 156 157 /* Map DDR for binary load, now with cacheable attribute */ 158 ret = mmap_add_dynamic_region(STM32MP_DDR_BASE, STM32MP_DDR_BASE, 159 STM32MP_DDR_MAX_SIZE, MT_MEMORY | MT_RW | MT_SECURE); 160 if (ret < 0) { 161 ERROR("DDR mapping: error %d\n", ret); 162 panic(); 163 } 164 165 #if STM32MP_USE_STM32IMAGE 166 #ifdef AARCH32_SP_OPTEE 167 INFO("BL2 runs OP-TEE setup\n"); 168 #else 169 INFO("BL2 runs SP_MIN setup\n"); 170 #endif 171 #endif /* STM32MP_USE_STM32IMAGE */ 172 } 173 174 static void update_monotonic_counter(void) 175 { 176 uint32_t version; 177 uint32_t otp; 178 179 CASSERT(STM32_TF_VERSION <= MAX_MONOTONIC_VALUE, 180 assert_stm32mp1_monotonic_counter_reach_max); 181 182 /* Check if monotonic counter needs to be incremented */ 183 if (stm32_get_otp_index(MONOTONIC_OTP, &otp, NULL) != 0) { 184 panic(); 185 } 186 187 if (stm32_get_otp_value_from_idx(otp, &version) != 0) { 188 panic(); 189 } 190 191 if ((version + 1U) < BIT(STM32_TF_VERSION)) { 192 uint32_t result; 193 194 /* Need to increment the monotonic counter. */ 195 version = BIT(STM32_TF_VERSION) - 1U; 196 197 result = bsec_program_otp(version, otp); 198 if (result != BSEC_OK) { 199 ERROR("BSEC: MONOTONIC_OTP program Error %u\n", 200 result); 201 panic(); 202 } 203 INFO("Monotonic counter has been incremented (value 0x%x)\n", 204 version); 205 } 206 } 207 208 void bl2_el3_plat_arch_setup(void) 209 { 210 const char *board_model; 211 boot_api_context_t *boot_context = 212 (boot_api_context_t *)stm32mp_get_boot_ctx_address(); 213 uintptr_t pwr_base; 214 uintptr_t rcc_base; 215 216 if (bsec_probe() != 0U) { 217 panic(); 218 } 219 220 mmap_add_region(BL_CODE_BASE, BL_CODE_BASE, 221 BL_CODE_END - BL_CODE_BASE, 222 MT_CODE | MT_SECURE); 223 224 #if STM32MP_USE_STM32IMAGE 225 #ifdef AARCH32_SP_OPTEE 226 mmap_add_region(STM32MP_OPTEE_BASE, STM32MP_OPTEE_BASE, 227 STM32MP_OPTEE_SIZE, 228 MT_MEMORY | MT_RW | MT_SECURE); 229 #else 230 /* Prevent corruption of preloaded BL32 */ 231 mmap_add_region(BL32_BASE, BL32_BASE, 232 BL32_LIMIT - BL32_BASE, 233 MT_RO_DATA | MT_SECURE); 234 #endif 235 #endif /* STM32MP_USE_STM32IMAGE */ 236 237 /* Prevent corruption of preloaded Device Tree */ 238 mmap_add_region(DTB_BASE, DTB_BASE, 239 DTB_LIMIT - DTB_BASE, 240 MT_RO_DATA | MT_SECURE); 241 242 configure_mmu(); 243 244 if (dt_open_and_check(STM32MP_DTB_BASE) < 0) { 245 panic(); 246 } 247 248 pwr_base = stm32mp_pwr_base(); 249 rcc_base = stm32mp_rcc_base(); 250 251 /* 252 * Disable the backup domain write protection. 253 * The protection is enable at each reset by hardware 254 * and must be disabled by software. 255 */ 256 mmio_setbits_32(pwr_base + PWR_CR1, PWR_CR1_DBP); 257 258 while ((mmio_read_32(pwr_base + PWR_CR1) & PWR_CR1_DBP) == 0U) { 259 ; 260 } 261 262 /* Reset backup domain on cold boot cases */ 263 if ((mmio_read_32(rcc_base + RCC_BDCR) & RCC_BDCR_RTCSRC_MASK) == 0U) { 264 mmio_setbits_32(rcc_base + RCC_BDCR, RCC_BDCR_VSWRST); 265 266 while ((mmio_read_32(rcc_base + RCC_BDCR) & RCC_BDCR_VSWRST) == 267 0U) { 268 ; 269 } 270 271 mmio_clrbits_32(rcc_base + RCC_BDCR, RCC_BDCR_VSWRST); 272 } 273 274 /* Disable MCKPROT */ 275 mmio_clrbits_32(rcc_base + RCC_TZCR, RCC_TZCR_MCKPROT); 276 277 /* 278 * Set minimum reset pulse duration to 31ms for discrete power 279 * supplied boards. 280 */ 281 if (dt_pmic_status() <= 0) { 282 mmio_clrsetbits_32(rcc_base + RCC_RDLSICR, 283 RCC_RDLSICR_MRD_MASK, 284 31U << RCC_RDLSICR_MRD_SHIFT); 285 } 286 287 generic_delay_timer_init(); 288 289 #if STM32MP_UART_PROGRAMMER 290 /* Disable programmer UART before changing clock tree */ 291 if (boot_context->boot_interface_selected == 292 BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_UART) { 293 uintptr_t uart_prog_addr = 294 get_uart_address(boot_context->boot_interface_instance); 295 296 stm32_uart_stop(uart_prog_addr); 297 } 298 #endif 299 if (stm32mp1_clk_probe() < 0) { 300 panic(); 301 } 302 303 if (stm32mp1_clk_init() < 0) { 304 panic(); 305 } 306 307 stm32_save_boot_interface(boot_context->boot_interface_selected, 308 boot_context->boot_interface_instance); 309 310 #if STM32MP_USB_PROGRAMMER 311 /* Deconfigure all UART RX pins configured by ROM code */ 312 stm32mp1_deconfigure_uart_pins(); 313 #endif 314 315 if (stm32mp_uart_console_setup() != 0) { 316 goto skip_console_init; 317 } 318 319 stm32mp_print_cpuinfo(); 320 321 board_model = dt_get_board_model(); 322 if (board_model != NULL) { 323 NOTICE("Model: %s\n", board_model); 324 } 325 326 stm32mp_print_boardinfo(); 327 328 if (boot_context->auth_status != BOOT_API_CTX_AUTH_NO) { 329 NOTICE("Bootrom authentication %s\n", 330 (boot_context->auth_status == BOOT_API_CTX_AUTH_FAILED) ? 331 "failed" : "succeeded"); 332 } 333 334 skip_console_init: 335 if (fixed_regulator_register() != 0) { 336 panic(); 337 } 338 339 if (dt_pmic_status() > 0) { 340 initialize_pmic(); 341 print_pmic_info_and_debug(); 342 } 343 344 stm32mp1_syscfg_init(); 345 346 if (stm32_iwdg_init() < 0) { 347 panic(); 348 } 349 350 stm32_iwdg_refresh(); 351 352 if (bsec_read_debug_conf() != 0U) { 353 if (stm32mp_is_closed_device()) { 354 #if DEBUG 355 WARN("\n%s", debug_msg); 356 #else 357 ERROR("***Debug opened on closed chip***\n"); 358 #endif 359 } 360 } 361 362 if (stm32mp_is_auth_supported()) { 363 stm32mp1_auth_ops.check_key = 364 boot_context->bootrom_ecdsa_check_key; 365 stm32mp1_auth_ops.verify_signature = 366 boot_context->bootrom_ecdsa_verify_signature; 367 368 stm32mp_init_auth(&stm32mp1_auth_ops); 369 } 370 371 stm32mp1_arch_security_setup(); 372 373 print_reset_reason(); 374 375 update_monotonic_counter(); 376 377 stm32mp1_syscfg_enable_io_compensation_finish(); 378 379 #if !STM32MP_USE_STM32IMAGE 380 fconf_populate("TB_FW", STM32MP_DTB_BASE); 381 #endif /* !STM32MP_USE_STM32IMAGE */ 382 383 stm32mp_io_setup(); 384 } 385 386 /******************************************************************************* 387 * This function can be used by the platforms to update/use image 388 * information for given `image_id`. 389 ******************************************************************************/ 390 int bl2_plat_handle_post_image_load(unsigned int image_id) 391 { 392 int err = 0; 393 bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id); 394 bl_mem_params_node_t *bl32_mem_params; 395 bl_mem_params_node_t *pager_mem_params __unused; 396 bl_mem_params_node_t *paged_mem_params __unused; 397 #if !STM32MP_USE_STM32IMAGE 398 const struct dyn_cfg_dtb_info_t *config_info; 399 bl_mem_params_node_t *tos_fw_mem_params; 400 unsigned int i; 401 unsigned int idx; 402 unsigned long long ddr_top __unused; 403 const unsigned int image_ids[] = { 404 BL32_IMAGE_ID, 405 BL33_IMAGE_ID, 406 HW_CONFIG_ID, 407 TOS_FW_CONFIG_ID, 408 }; 409 #endif /* !STM32MP_USE_STM32IMAGE */ 410 411 assert(bl_mem_params != NULL); 412 413 switch (image_id) { 414 #if !STM32MP_USE_STM32IMAGE 415 case FW_CONFIG_ID: 416 /* Set global DTB info for fixed fw_config information */ 417 set_config_info(STM32MP_FW_CONFIG_BASE, STM32MP_FW_CONFIG_MAX_SIZE, FW_CONFIG_ID); 418 fconf_populate("FW_CONFIG", STM32MP_FW_CONFIG_BASE); 419 420 idx = dyn_cfg_dtb_info_get_index(TOS_FW_CONFIG_ID); 421 422 /* Iterate through all the fw config IDs */ 423 for (i = 0U; i < ARRAY_SIZE(image_ids); i++) { 424 if ((image_ids[i] == TOS_FW_CONFIG_ID) && (idx == FCONF_INVALID_IDX)) { 425 continue; 426 } 427 428 bl_mem_params = get_bl_mem_params_node(image_ids[i]); 429 assert(bl_mem_params != NULL); 430 431 config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, image_ids[i]); 432 if (config_info == NULL) { 433 continue; 434 } 435 436 bl_mem_params->image_info.image_base = config_info->config_addr; 437 bl_mem_params->image_info.image_max_size = config_info->config_max_size; 438 439 bl_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING; 440 441 switch (image_ids[i]) { 442 case BL32_IMAGE_ID: 443 bl_mem_params->ep_info.pc = config_info->config_addr; 444 445 /* In case of OPTEE, initialize address space with tos_fw addr */ 446 pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID); 447 pager_mem_params->image_info.image_base = config_info->config_addr; 448 pager_mem_params->image_info.image_max_size = 449 config_info->config_max_size; 450 451 /* Init base and size for pager if exist */ 452 paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID); 453 paged_mem_params->image_info.image_base = STM32MP_DDR_BASE + 454 (dt_get_ddr_size() - STM32MP_DDR_S_SIZE - 455 STM32MP_DDR_SHMEM_SIZE); 456 paged_mem_params->image_info.image_max_size = STM32MP_DDR_S_SIZE; 457 break; 458 459 case BL33_IMAGE_ID: 460 bl_mem_params->ep_info.pc = config_info->config_addr; 461 break; 462 463 case HW_CONFIG_ID: 464 case TOS_FW_CONFIG_ID: 465 break; 466 467 default: 468 return -EINVAL; 469 } 470 } 471 break; 472 #endif /* !STM32MP_USE_STM32IMAGE */ 473 474 case BL32_IMAGE_ID: 475 if (optee_header_is_valid(bl_mem_params->image_info.image_base)) { 476 /* BL32 is OP-TEE header */ 477 bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base; 478 pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID); 479 paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID); 480 assert((pager_mem_params != NULL) && (paged_mem_params != NULL)); 481 482 #if STM32MP_USE_STM32IMAGE && defined(AARCH32_SP_OPTEE) 483 /* Set OP-TEE extra image load areas at run-time */ 484 pager_mem_params->image_info.image_base = STM32MP_OPTEE_BASE; 485 pager_mem_params->image_info.image_max_size = STM32MP_OPTEE_SIZE; 486 487 paged_mem_params->image_info.image_base = STM32MP_DDR_BASE + 488 dt_get_ddr_size() - 489 STM32MP_DDR_S_SIZE - 490 STM32MP_DDR_SHMEM_SIZE; 491 paged_mem_params->image_info.image_max_size = STM32MP_DDR_S_SIZE; 492 #endif /* STM32MP_USE_STM32IMAGE && defined(AARCH32_SP_OPTEE) */ 493 494 err = parse_optee_header(&bl_mem_params->ep_info, 495 &pager_mem_params->image_info, 496 &paged_mem_params->image_info); 497 if (err) { 498 ERROR("OPTEE header parse error.\n"); 499 panic(); 500 } 501 502 /* Set optee boot info from parsed header data */ 503 bl_mem_params->ep_info.args.arg0 = paged_mem_params->image_info.image_base; 504 bl_mem_params->ep_info.args.arg1 = 0; /* Unused */ 505 bl_mem_params->ep_info.args.arg2 = 0; /* No DT supported */ 506 } else { 507 #if !STM32MP_USE_STM32IMAGE 508 bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base; 509 tos_fw_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID); 510 bl_mem_params->image_info.image_max_size += 511 tos_fw_mem_params->image_info.image_max_size; 512 #endif /* !STM32MP_USE_STM32IMAGE */ 513 bl_mem_params->ep_info.args.arg0 = 0; 514 } 515 break; 516 517 case BL33_IMAGE_ID: 518 bl32_mem_params = get_bl_mem_params_node(BL32_IMAGE_ID); 519 assert(bl32_mem_params != NULL); 520 bl32_mem_params->ep_info.lr_svc = bl_mem_params->ep_info.pc; 521 #if !STM32MP_USE_STM32IMAGE && PSA_FWU_SUPPORT 522 stm32mp1_fwu_set_boot_idx(); 523 #endif /* !STM32MP_USE_STM32IMAGE && PSA_FWU_SUPPORT */ 524 break; 525 526 default: 527 /* Do nothing in default case */ 528 break; 529 } 530 531 #if STM32MP_SDMMC || STM32MP_EMMC 532 /* 533 * Invalidate remaining data read from MMC but not flushed by load_image_flush(). 534 * We take the worst case which is 2 MMC blocks. 535 */ 536 if ((image_id != FW_CONFIG_ID) && 537 ((bl_mem_params->image_info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U)) { 538 inv_dcache_range(bl_mem_params->image_info.image_base + 539 bl_mem_params->image_info.image_size, 540 2U * MMC_BLOCK_SIZE); 541 } 542 #endif /* STM32MP_SDMMC || STM32MP_EMMC */ 543 544 return err; 545 } 546 547 void bl2_el3_plat_prepare_exit(void) 548 { 549 uint16_t boot_itf = stm32mp_get_boot_itf_selected(); 550 551 switch (boot_itf) { 552 #if STM32MP_UART_PROGRAMMER || STM32MP_USB_PROGRAMMER 553 case BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_UART: 554 case BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_USB: 555 /* Invalidate the downloaded buffer used with io_memmap */ 556 inv_dcache_range(DWL_BUFFER_BASE, DWL_BUFFER_SIZE); 557 break; 558 #endif /* STM32MP_UART_PROGRAMMER || STM32MP_USB_PROGRAMMER */ 559 default: 560 /* Do nothing in default case */ 561 break; 562 } 563 564 stm32mp1_security_setup(); 565 } 566