1 /* 2 * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 #include <errno.h> 9 #include <string.h> 10 11 #include <arch_helpers.h> 12 #include <common/bl_common.h> 13 #include <common/debug.h> 14 #include <common/desc_image_load.h> 15 #include <drivers/generic_delay_timer.h> 16 #include <drivers/mmc.h> 17 #include <drivers/st/bsec.h> 18 #include <drivers/st/regulator_fixed.h> 19 #include <drivers/st/stm32_iwdg.h> 20 #include <drivers/st/stm32_uart.h> 21 #include <drivers/st/stm32mp1_clk.h> 22 #include <drivers/st/stm32mp1_pwr.h> 23 #include <drivers/st/stm32mp1_ram.h> 24 #include <drivers/st/stm32mp_pmic.h> 25 #include <lib/fconf/fconf.h> 26 #include <lib/fconf/fconf_dyn_cfg_getter.h> 27 #include <lib/mmio.h> 28 #include <lib/optee_utils.h> 29 #include <lib/xlat_tables/xlat_tables_v2.h> 30 #include <plat/common/platform.h> 31 32 #include <platform_def.h> 33 #include <stm32mp_common.h> 34 #include <stm32mp1_dbgmcu.h> 35 36 #if DEBUG 37 static const char debug_msg[] = { 38 "***************************************************\n" 39 "** DEBUG ACCESS PORT IS OPEN! **\n" 40 "** This boot image is only for debugging purpose **\n" 41 "** and is unsafe for production use. **\n" 42 "** **\n" 43 "** If you see this message and you are not **\n" 44 "** debugging report this immediately to your **\n" 45 "** vendor! **\n" 46 "***************************************************\n" 47 }; 48 #endif 49 50 static struct stm32mp_auth_ops stm32mp1_auth_ops; 51 52 static void print_reset_reason(void) 53 { 54 uint32_t rstsr = mmio_read_32(stm32mp_rcc_base() + RCC_MP_RSTSCLRR); 55 56 if (rstsr == 0U) { 57 WARN("Reset reason unknown\n"); 58 return; 59 } 60 61 INFO("Reset reason (0x%x):\n", rstsr); 62 63 if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) == 0U) { 64 if ((rstsr & RCC_MP_RSTSCLRR_STDBYRSTF) != 0U) { 65 INFO("System exits from STANDBY\n"); 66 return; 67 } 68 69 if ((rstsr & RCC_MP_RSTSCLRR_CSTDBYRSTF) != 0U) { 70 INFO("MPU exits from CSTANDBY\n"); 71 return; 72 } 73 } 74 75 if ((rstsr & RCC_MP_RSTSCLRR_PORRSTF) != 0U) { 76 INFO(" Power-on Reset (rst_por)\n"); 77 return; 78 } 79 80 if ((rstsr & RCC_MP_RSTSCLRR_BORRSTF) != 0U) { 81 INFO(" Brownout Reset (rst_bor)\n"); 82 return; 83 } 84 85 if ((rstsr & RCC_MP_RSTSCLRR_MCSYSRSTF) != 0U) { 86 if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) != 0U) { 87 INFO(" System reset generated by MCU (MCSYSRST)\n"); 88 } else { 89 INFO(" Local reset generated by MCU (MCSYSRST)\n"); 90 } 91 return; 92 } 93 94 if ((rstsr & RCC_MP_RSTSCLRR_MPSYSRSTF) != 0U) { 95 INFO(" System reset generated by MPU (MPSYSRST)\n"); 96 return; 97 } 98 99 if ((rstsr & RCC_MP_RSTSCLRR_HCSSRSTF) != 0U) { 100 INFO(" Reset due to a clock failure on HSE\n"); 101 return; 102 } 103 104 if ((rstsr & RCC_MP_RSTSCLRR_IWDG1RSTF) != 0U) { 105 INFO(" IWDG1 Reset (rst_iwdg1)\n"); 106 return; 107 } 108 109 if ((rstsr & RCC_MP_RSTSCLRR_IWDG2RSTF) != 0U) { 110 INFO(" IWDG2 Reset (rst_iwdg2)\n"); 111 return; 112 } 113 114 if ((rstsr & RCC_MP_RSTSCLRR_MPUP0RSTF) != 0U) { 115 INFO(" MPU Processor 0 Reset\n"); 116 return; 117 } 118 119 if ((rstsr & RCC_MP_RSTSCLRR_MPUP1RSTF) != 0U) { 120 INFO(" MPU Processor 1 Reset\n"); 121 return; 122 } 123 124 if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) != 0U) { 125 INFO(" Pad Reset from NRST\n"); 126 return; 127 } 128 129 if ((rstsr & RCC_MP_RSTSCLRR_VCORERSTF) != 0U) { 130 INFO(" Reset due to a failure of VDD_CORE\n"); 131 return; 132 } 133 134 ERROR(" Unidentified reset reason\n"); 135 } 136 137 void bl2_el3_early_platform_setup(u_register_t arg0, 138 u_register_t arg1 __unused, 139 u_register_t arg2 __unused, 140 u_register_t arg3 __unused) 141 { 142 stm32mp_save_boot_ctx_address(arg0); 143 } 144 145 void bl2_platform_setup(void) 146 { 147 int ret; 148 149 ret = stm32mp1_ddr_probe(); 150 if (ret < 0) { 151 ERROR("Invalid DDR init: error %d\n", ret); 152 panic(); 153 } 154 155 /* Map DDR for binary load, now with cacheable attribute */ 156 ret = mmap_add_dynamic_region(STM32MP_DDR_BASE, STM32MP_DDR_BASE, 157 STM32MP_DDR_MAX_SIZE, MT_MEMORY | MT_RW | MT_SECURE); 158 if (ret < 0) { 159 ERROR("DDR mapping: error %d\n", ret); 160 panic(); 161 } 162 163 #if STM32MP_USE_STM32IMAGE 164 #ifdef AARCH32_SP_OPTEE 165 INFO("BL2 runs OP-TEE setup\n"); 166 #else 167 INFO("BL2 runs SP_MIN setup\n"); 168 #endif 169 #endif /* STM32MP_USE_STM32IMAGE */ 170 } 171 172 static void update_monotonic_counter(void) 173 { 174 uint32_t version; 175 uint32_t otp; 176 177 CASSERT(STM32_TF_VERSION <= MAX_MONOTONIC_VALUE, 178 assert_stm32mp1_monotonic_counter_reach_max); 179 180 /* Check if monotonic counter needs to be incremented */ 181 if (stm32_get_otp_index(MONOTONIC_OTP, &otp, NULL) != 0) { 182 panic(); 183 } 184 185 if (stm32_get_otp_value_from_idx(otp, &version) != 0) { 186 panic(); 187 } 188 189 if ((version + 1U) < BIT(STM32_TF_VERSION)) { 190 uint32_t result; 191 192 /* Need to increment the monotonic counter. */ 193 version = BIT(STM32_TF_VERSION) - 1U; 194 195 result = bsec_program_otp(version, otp); 196 if (result != BSEC_OK) { 197 ERROR("BSEC: MONOTONIC_OTP program Error %u\n", 198 result); 199 panic(); 200 } 201 INFO("Monotonic counter has been incremented (value 0x%x)\n", 202 version); 203 } 204 } 205 206 void bl2_el3_plat_arch_setup(void) 207 { 208 const char *board_model; 209 boot_api_context_t *boot_context = 210 (boot_api_context_t *)stm32mp_get_boot_ctx_address(); 211 uintptr_t pwr_base; 212 uintptr_t rcc_base; 213 214 if (bsec_probe() != 0U) { 215 panic(); 216 } 217 218 mmap_add_region(BL_CODE_BASE, BL_CODE_BASE, 219 BL_CODE_END - BL_CODE_BASE, 220 MT_CODE | MT_SECURE); 221 222 #if STM32MP_USE_STM32IMAGE 223 #ifdef AARCH32_SP_OPTEE 224 mmap_add_region(STM32MP_OPTEE_BASE, STM32MP_OPTEE_BASE, 225 STM32MP_OPTEE_SIZE, 226 MT_MEMORY | MT_RW | MT_SECURE); 227 #else 228 /* Prevent corruption of preloaded BL32 */ 229 mmap_add_region(BL32_BASE, BL32_BASE, 230 BL32_LIMIT - BL32_BASE, 231 MT_RO_DATA | MT_SECURE); 232 #endif 233 #endif /* STM32MP_USE_STM32IMAGE */ 234 235 /* Prevent corruption of preloaded Device Tree */ 236 mmap_add_region(DTB_BASE, DTB_BASE, 237 DTB_LIMIT - DTB_BASE, 238 MT_RO_DATA | MT_SECURE); 239 240 configure_mmu(); 241 242 if (dt_open_and_check(STM32MP_DTB_BASE) < 0) { 243 panic(); 244 } 245 246 pwr_base = stm32mp_pwr_base(); 247 rcc_base = stm32mp_rcc_base(); 248 249 /* 250 * Disable the backup domain write protection. 251 * The protection is enable at each reset by hardware 252 * and must be disabled by software. 253 */ 254 mmio_setbits_32(pwr_base + PWR_CR1, PWR_CR1_DBP); 255 256 while ((mmio_read_32(pwr_base + PWR_CR1) & PWR_CR1_DBP) == 0U) { 257 ; 258 } 259 260 /* Reset backup domain on cold boot cases */ 261 if ((mmio_read_32(rcc_base + RCC_BDCR) & RCC_BDCR_RTCSRC_MASK) == 0U) { 262 mmio_setbits_32(rcc_base + RCC_BDCR, RCC_BDCR_VSWRST); 263 264 while ((mmio_read_32(rcc_base + RCC_BDCR) & RCC_BDCR_VSWRST) == 265 0U) { 266 ; 267 } 268 269 mmio_clrbits_32(rcc_base + RCC_BDCR, RCC_BDCR_VSWRST); 270 } 271 272 /* Disable MCKPROT */ 273 mmio_clrbits_32(rcc_base + RCC_TZCR, RCC_TZCR_MCKPROT); 274 275 /* 276 * Set minimum reset pulse duration to 31ms for discrete power 277 * supplied boards. 278 */ 279 if (dt_pmic_status() <= 0) { 280 mmio_clrsetbits_32(rcc_base + RCC_RDLSICR, 281 RCC_RDLSICR_MRD_MASK, 282 31U << RCC_RDLSICR_MRD_SHIFT); 283 } 284 285 generic_delay_timer_init(); 286 287 #if STM32MP_UART_PROGRAMMER 288 /* Disable programmer UART before changing clock tree */ 289 if (boot_context->boot_interface_selected == 290 BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_UART) { 291 uintptr_t uart_prog_addr = 292 get_uart_address(boot_context->boot_interface_instance); 293 294 stm32_uart_stop(uart_prog_addr); 295 } 296 #endif 297 if (stm32mp1_clk_probe() < 0) { 298 panic(); 299 } 300 301 if (stm32mp1_clk_init() < 0) { 302 panic(); 303 } 304 305 stm32_save_boot_interface(boot_context->boot_interface_selected, 306 boot_context->boot_interface_instance); 307 308 #if STM32MP_USB_PROGRAMMER 309 /* Deconfigure all UART RX pins configured by ROM code */ 310 stm32mp1_deconfigure_uart_pins(); 311 #endif 312 313 if (stm32mp_uart_console_setup() != 0) { 314 goto skip_console_init; 315 } 316 317 stm32mp_print_cpuinfo(); 318 319 board_model = dt_get_board_model(); 320 if (board_model != NULL) { 321 NOTICE("Model: %s\n", board_model); 322 } 323 324 stm32mp_print_boardinfo(); 325 326 if (boot_context->auth_status != BOOT_API_CTX_AUTH_NO) { 327 NOTICE("Bootrom authentication %s\n", 328 (boot_context->auth_status == BOOT_API_CTX_AUTH_FAILED) ? 329 "failed" : "succeeded"); 330 } 331 332 skip_console_init: 333 if (fixed_regulator_register() != 0) { 334 panic(); 335 } 336 337 if (dt_pmic_status() > 0) { 338 initialize_pmic(); 339 print_pmic_info_and_debug(); 340 } 341 342 stm32mp1_syscfg_init(); 343 344 if (stm32_iwdg_init() < 0) { 345 panic(); 346 } 347 348 stm32_iwdg_refresh(); 349 350 if (bsec_read_debug_conf() != 0U) { 351 if (stm32mp_is_closed_device()) { 352 #if DEBUG 353 WARN("\n%s", debug_msg); 354 #else 355 ERROR("***Debug opened on closed chip***\n"); 356 #endif 357 } 358 } 359 360 if (stm32mp_is_auth_supported()) { 361 stm32mp1_auth_ops.check_key = 362 boot_context->bootrom_ecdsa_check_key; 363 stm32mp1_auth_ops.verify_signature = 364 boot_context->bootrom_ecdsa_verify_signature; 365 366 stm32mp_init_auth(&stm32mp1_auth_ops); 367 } 368 369 stm32mp1_arch_security_setup(); 370 371 print_reset_reason(); 372 373 update_monotonic_counter(); 374 375 stm32mp1_syscfg_enable_io_compensation_finish(); 376 377 #if !STM32MP_USE_STM32IMAGE 378 fconf_populate("TB_FW", STM32MP_DTB_BASE); 379 #endif /* !STM32MP_USE_STM32IMAGE */ 380 381 stm32mp_io_setup(); 382 } 383 384 /******************************************************************************* 385 * This function can be used by the platforms to update/use image 386 * information for given `image_id`. 387 ******************************************************************************/ 388 int bl2_plat_handle_post_image_load(unsigned int image_id) 389 { 390 int err = 0; 391 bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id); 392 bl_mem_params_node_t *bl32_mem_params; 393 bl_mem_params_node_t *pager_mem_params __unused; 394 bl_mem_params_node_t *paged_mem_params __unused; 395 #if !STM32MP_USE_STM32IMAGE 396 const struct dyn_cfg_dtb_info_t *config_info; 397 bl_mem_params_node_t *tos_fw_mem_params; 398 unsigned int i; 399 unsigned int idx; 400 unsigned long long ddr_top __unused; 401 const unsigned int image_ids[] = { 402 BL32_IMAGE_ID, 403 BL33_IMAGE_ID, 404 HW_CONFIG_ID, 405 TOS_FW_CONFIG_ID, 406 }; 407 #endif /* !STM32MP_USE_STM32IMAGE */ 408 409 assert(bl_mem_params != NULL); 410 411 switch (image_id) { 412 #if !STM32MP_USE_STM32IMAGE 413 case FW_CONFIG_ID: 414 /* Set global DTB info for fixed fw_config information */ 415 set_config_info(STM32MP_FW_CONFIG_BASE, STM32MP_FW_CONFIG_MAX_SIZE, FW_CONFIG_ID); 416 fconf_populate("FW_CONFIG", STM32MP_FW_CONFIG_BASE); 417 418 idx = dyn_cfg_dtb_info_get_index(TOS_FW_CONFIG_ID); 419 420 /* Iterate through all the fw config IDs */ 421 for (i = 0U; i < ARRAY_SIZE(image_ids); i++) { 422 if ((image_ids[i] == TOS_FW_CONFIG_ID) && (idx == FCONF_INVALID_IDX)) { 423 continue; 424 } 425 426 bl_mem_params = get_bl_mem_params_node(image_ids[i]); 427 assert(bl_mem_params != NULL); 428 429 config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, image_ids[i]); 430 if (config_info == NULL) { 431 continue; 432 } 433 434 bl_mem_params->image_info.image_base = config_info->config_addr; 435 bl_mem_params->image_info.image_max_size = config_info->config_max_size; 436 437 bl_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING; 438 439 switch (image_ids[i]) { 440 case BL32_IMAGE_ID: 441 bl_mem_params->ep_info.pc = config_info->config_addr; 442 443 /* In case of OPTEE, initialize address space with tos_fw addr */ 444 pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID); 445 pager_mem_params->image_info.image_base = config_info->config_addr; 446 pager_mem_params->image_info.image_max_size = 447 config_info->config_max_size; 448 449 /* Init base and size for pager if exist */ 450 paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID); 451 paged_mem_params->image_info.image_base = STM32MP_DDR_BASE + 452 (dt_get_ddr_size() - STM32MP_DDR_S_SIZE - 453 STM32MP_DDR_SHMEM_SIZE); 454 paged_mem_params->image_info.image_max_size = STM32MP_DDR_S_SIZE; 455 break; 456 457 case BL33_IMAGE_ID: 458 bl_mem_params->ep_info.pc = config_info->config_addr; 459 break; 460 461 case HW_CONFIG_ID: 462 case TOS_FW_CONFIG_ID: 463 break; 464 465 default: 466 return -EINVAL; 467 } 468 } 469 break; 470 #endif /* !STM32MP_USE_STM32IMAGE */ 471 472 case BL32_IMAGE_ID: 473 if (optee_header_is_valid(bl_mem_params->image_info.image_base)) { 474 /* BL32 is OP-TEE header */ 475 bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base; 476 pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID); 477 paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID); 478 assert((pager_mem_params != NULL) && (paged_mem_params != NULL)); 479 480 #if STM32MP_USE_STM32IMAGE && defined(AARCH32_SP_OPTEE) 481 /* Set OP-TEE extra image load areas at run-time */ 482 pager_mem_params->image_info.image_base = STM32MP_OPTEE_BASE; 483 pager_mem_params->image_info.image_max_size = STM32MP_OPTEE_SIZE; 484 485 paged_mem_params->image_info.image_base = STM32MP_DDR_BASE + 486 dt_get_ddr_size() - 487 STM32MP_DDR_S_SIZE - 488 STM32MP_DDR_SHMEM_SIZE; 489 paged_mem_params->image_info.image_max_size = STM32MP_DDR_S_SIZE; 490 #endif /* STM32MP_USE_STM32IMAGE && defined(AARCH32_SP_OPTEE) */ 491 492 err = parse_optee_header(&bl_mem_params->ep_info, 493 &pager_mem_params->image_info, 494 &paged_mem_params->image_info); 495 if (err) { 496 ERROR("OPTEE header parse error.\n"); 497 panic(); 498 } 499 500 /* Set optee boot info from parsed header data */ 501 bl_mem_params->ep_info.args.arg0 = paged_mem_params->image_info.image_base; 502 bl_mem_params->ep_info.args.arg1 = 0; /* Unused */ 503 bl_mem_params->ep_info.args.arg2 = 0; /* No DT supported */ 504 } else { 505 #if !STM32MP_USE_STM32IMAGE 506 bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base; 507 tos_fw_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID); 508 bl_mem_params->image_info.image_max_size += 509 tos_fw_mem_params->image_info.image_max_size; 510 #endif /* !STM32MP_USE_STM32IMAGE */ 511 bl_mem_params->ep_info.args.arg0 = 0; 512 } 513 break; 514 515 case BL33_IMAGE_ID: 516 bl32_mem_params = get_bl_mem_params_node(BL32_IMAGE_ID); 517 assert(bl32_mem_params != NULL); 518 bl32_mem_params->ep_info.lr_svc = bl_mem_params->ep_info.pc; 519 #if !STM32MP_USE_STM32IMAGE && PSA_FWU_SUPPORT 520 stm32mp1_fwu_set_boot_idx(); 521 #endif /* !STM32MP_USE_STM32IMAGE && PSA_FWU_SUPPORT */ 522 break; 523 524 default: 525 /* Do nothing in default case */ 526 break; 527 } 528 529 #if STM32MP_SDMMC || STM32MP_EMMC 530 /* 531 * Invalidate remaining data read from MMC but not flushed by load_image_flush(). 532 * We take the worst case which is 2 MMC blocks. 533 */ 534 if ((image_id != FW_CONFIG_ID) && 535 ((bl_mem_params->image_info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U)) { 536 inv_dcache_range(bl_mem_params->image_info.image_base + 537 bl_mem_params->image_info.image_size, 538 2U * MMC_BLOCK_SIZE); 539 } 540 #endif /* STM32MP_SDMMC || STM32MP_EMMC */ 541 542 return err; 543 } 544 545 void bl2_el3_plat_prepare_exit(void) 546 { 547 uint16_t boot_itf = stm32mp_get_boot_itf_selected(); 548 549 switch (boot_itf) { 550 #if STM32MP_UART_PROGRAMMER || STM32MP_USB_PROGRAMMER 551 case BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_UART: 552 case BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_USB: 553 /* Invalidate the downloaded buffer used with io_memmap */ 554 inv_dcache_range(DWL_BUFFER_BASE, DWL_BUFFER_SIZE); 555 break; 556 #endif /* STM32MP_UART_PROGRAMMER || STM32MP_USB_PROGRAMMER */ 557 default: 558 /* Do nothing in default case */ 559 break; 560 } 561 562 stm32mp1_security_setup(); 563 } 564