xref: /rk3399_ARM-atf/plat/st/stm32mp1/bl2_plat_setup.c (revision b67e984664a8644d6cfd1812cabaa02cf24f09c9) 
1 /*
2  * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <assert.h>
8 #include <errno.h>
9 #include <string.h>
10 
11 #include <arch_helpers.h>
12 #include <common/bl_common.h>
13 #include <common/debug.h>
14 #include <common/desc_image_load.h>
15 #include <drivers/generic_delay_timer.h>
16 #include <drivers/mmc.h>
17 #include <drivers/st/bsec.h>
18 #include <drivers/st/regulator_fixed.h>
19 #include <drivers/st/stm32_iwdg.h>
20 #if STM32MP13
21 #include <drivers/st/stm32_mce.h>
22 #endif
23 #include <drivers/st/stm32_rng.h>
24 #include <drivers/st/stm32_uart.h>
25 #include <drivers/st/stm32mp1_clk.h>
26 #include <drivers/st/stm32mp1_pwr.h>
27 #include <drivers/st/stm32mp1_ram.h>
28 #include <drivers/st/stm32mp_pmic.h>
29 #include <lib/fconf/fconf.h>
30 #include <lib/fconf/fconf_dyn_cfg_getter.h>
31 #include <lib/mmio.h>
32 #include <lib/optee_utils.h>
33 #include <lib/xlat_tables/xlat_tables_v2.h>
34 #include <plat/common/platform.h>
35 
36 #include <platform_def.h>
37 #include <stm32mp_common.h>
38 #include <stm32mp1_dbgmcu.h>
39 
40 #if DEBUG
41 static const char debug_msg[] = {
42 	"***************************************************\n"
43 	"** DEBUG ACCESS PORT IS OPEN!                    **\n"
44 	"** This boot image is only for debugging purpose **\n"
45 	"** and is unsafe for production use.             **\n"
46 	"**                                               **\n"
47 	"** If you see this message and you are not       **\n"
48 	"** debugging report this immediately to your     **\n"
49 	"** vendor!                                       **\n"
50 	"***************************************************\n"
51 };
52 #endif
53 
54 static void print_reset_reason(void)
55 {
56 	uint32_t rstsr = mmio_read_32(stm32mp_rcc_base() + RCC_MP_RSTSCLRR);
57 
58 	if (rstsr == 0U) {
59 		WARN("Reset reason unknown\n");
60 		return;
61 	}
62 
63 	INFO("Reset reason (0x%x):\n", rstsr);
64 
65 	if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) == 0U) {
66 		if ((rstsr & RCC_MP_RSTSCLRR_STDBYRSTF) != 0U) {
67 			INFO("System exits from STANDBY\n");
68 			return;
69 		}
70 
71 		if ((rstsr & RCC_MP_RSTSCLRR_CSTDBYRSTF) != 0U) {
72 			INFO("MPU exits from CSTANDBY\n");
73 			return;
74 		}
75 	}
76 
77 	if ((rstsr & RCC_MP_RSTSCLRR_PORRSTF) != 0U) {
78 		INFO("  Power-on Reset (rst_por)\n");
79 		return;
80 	}
81 
82 	if ((rstsr & RCC_MP_RSTSCLRR_BORRSTF) != 0U) {
83 		INFO("  Brownout Reset (rst_bor)\n");
84 		return;
85 	}
86 
87 #if STM32MP15
88 	if ((rstsr & RCC_MP_RSTSCLRR_MCSYSRSTF) != 0U) {
89 		if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) != 0U) {
90 			INFO("  System reset generated by MCU (MCSYSRST)\n");
91 		} else {
92 			INFO("  Local reset generated by MCU (MCSYSRST)\n");
93 		}
94 		return;
95 	}
96 #endif
97 
98 	if ((rstsr & RCC_MP_RSTSCLRR_MPSYSRSTF) != 0U) {
99 		INFO("  System reset generated by MPU (MPSYSRST)\n");
100 		return;
101 	}
102 
103 	if ((rstsr & RCC_MP_RSTSCLRR_HCSSRSTF) != 0U) {
104 		INFO("  Reset due to a clock failure on HSE\n");
105 		return;
106 	}
107 
108 	if ((rstsr & RCC_MP_RSTSCLRR_IWDG1RSTF) != 0U) {
109 		INFO("  IWDG1 Reset (rst_iwdg1)\n");
110 		return;
111 	}
112 
113 	if ((rstsr & RCC_MP_RSTSCLRR_IWDG2RSTF) != 0U) {
114 		INFO("  IWDG2 Reset (rst_iwdg2)\n");
115 		return;
116 	}
117 
118 	if ((rstsr & RCC_MP_RSTSCLRR_MPUP0RSTF) != 0U) {
119 		INFO("  MPU Processor 0 Reset\n");
120 		return;
121 	}
122 
123 #if STM32MP15
124 	if ((rstsr & RCC_MP_RSTSCLRR_MPUP1RSTF) != 0U) {
125 		INFO("  MPU Processor 1 Reset\n");
126 		return;
127 	}
128 #endif
129 
130 	if ((rstsr & RCC_MP_RSTSCLRR_PADRSTF) != 0U) {
131 		INFO("  Pad Reset from NRST\n");
132 		return;
133 	}
134 
135 	if ((rstsr & RCC_MP_RSTSCLRR_VCORERSTF) != 0U) {
136 		INFO("  Reset due to a failure of VDD_CORE\n");
137 		return;
138 	}
139 
140 	ERROR("  Unidentified reset reason\n");
141 }
142 
143 void bl2_el3_early_platform_setup(u_register_t arg0,
144 				  u_register_t arg1 __unused,
145 				  u_register_t arg2 __unused,
146 				  u_register_t arg3 __unused)
147 {
148 	stm32mp_save_boot_ctx_address(arg0);
149 }
150 
151 void bl2_platform_setup(void)
152 {
153 	int ret;
154 
155 	ret = stm32mp1_ddr_probe();
156 	if (ret < 0) {
157 		ERROR("Invalid DDR init: error %d\n", ret);
158 		panic();
159 	}
160 
161 	/* Map DDR for binary load, now with cacheable attribute */
162 	ret = mmap_add_dynamic_region(STM32MP_DDR_BASE, STM32MP_DDR_BASE,
163 				      STM32MP_DDR_MAX_SIZE, MT_MEMORY | MT_RW | MT_SECURE);
164 	if (ret < 0) {
165 		ERROR("DDR mapping: error %d\n", ret);
166 		panic();
167 	}
168 }
169 
170 #if STM32MP15
171 static void update_monotonic_counter(void)
172 {
173 	uint32_t version;
174 	uint32_t otp;
175 
176 	CASSERT(STM32_TF_VERSION <= MAX_MONOTONIC_VALUE,
177 		assert_stm32mp1_monotonic_counter_reach_max);
178 
179 	/* Check if monotonic counter needs to be incremented */
180 	if (stm32_get_otp_index(MONOTONIC_OTP, &otp, NULL) != 0) {
181 		panic();
182 	}
183 
184 	if (stm32_get_otp_value_from_idx(otp, &version) != 0) {
185 		panic();
186 	}
187 
188 	if ((version + 1U) < BIT(STM32_TF_VERSION)) {
189 		uint32_t result;
190 
191 		/* Need to increment the monotonic counter. */
192 		version = BIT(STM32_TF_VERSION) - 1U;
193 
194 		result = bsec_program_otp(version, otp);
195 		if (result != BSEC_OK) {
196 			ERROR("BSEC: MONOTONIC_OTP program Error %u\n",
197 			      result);
198 			panic();
199 		}
200 		INFO("Monotonic counter has been incremented (value 0x%x)\n",
201 		     version);
202 	}
203 }
204 #endif
205 
206 void bl2_el3_plat_arch_setup(void)
207 {
208 	const char *board_model;
209 	boot_api_context_t *boot_context =
210 		(boot_api_context_t *)stm32mp_get_boot_ctx_address();
211 	uintptr_t pwr_base;
212 	uintptr_t rcc_base;
213 
214 	if (bsec_probe() != 0U) {
215 		panic();
216 	}
217 
218 	mmap_add_region(BL_CODE_BASE, BL_CODE_BASE,
219 			BL_CODE_END - BL_CODE_BASE,
220 			MT_CODE | MT_SECURE);
221 
222 	/* Prevent corruption of preloaded Device Tree */
223 	mmap_add_region(DTB_BASE, DTB_BASE,
224 			DTB_LIMIT - DTB_BASE,
225 			MT_RO_DATA | MT_SECURE);
226 
227 	configure_mmu();
228 
229 	if (dt_open_and_check(STM32MP_DTB_BASE) < 0) {
230 		panic();
231 	}
232 
233 	pwr_base = stm32mp_pwr_base();
234 	rcc_base = stm32mp_rcc_base();
235 
236 	/*
237 	 * Disable the backup domain write protection.
238 	 * The protection is enable at each reset by hardware
239 	 * and must be disabled by software.
240 	 */
241 	mmio_setbits_32(pwr_base + PWR_CR1, PWR_CR1_DBP);
242 
243 	while ((mmio_read_32(pwr_base + PWR_CR1) & PWR_CR1_DBP) == 0U) {
244 		;
245 	}
246 
247 	/* Reset backup domain on cold boot cases */
248 	if ((mmio_read_32(rcc_base + RCC_BDCR) & RCC_BDCR_RTCSRC_MASK) == 0U) {
249 		mmio_setbits_32(rcc_base + RCC_BDCR, RCC_BDCR_VSWRST);
250 
251 		while ((mmio_read_32(rcc_base + RCC_BDCR) & RCC_BDCR_VSWRST) ==
252 		       0U) {
253 			;
254 		}
255 
256 		mmio_clrbits_32(rcc_base + RCC_BDCR, RCC_BDCR_VSWRST);
257 	}
258 
259 	/*
260 	 * Set minimum reset pulse duration to 31ms for discrete power
261 	 * supplied boards.
262 	 */
263 	if (dt_pmic_status() <= 0) {
264 		mmio_clrsetbits_32(rcc_base + RCC_RDLSICR,
265 				   RCC_RDLSICR_MRD_MASK,
266 				   31U << RCC_RDLSICR_MRD_SHIFT);
267 	}
268 
269 	generic_delay_timer_init();
270 
271 #if STM32MP_UART_PROGRAMMER
272 	/* Disable programmer UART before changing clock tree */
273 	if (boot_context->boot_interface_selected ==
274 	    BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_UART) {
275 		uintptr_t uart_prog_addr =
276 			get_uart_address(boot_context->boot_interface_instance);
277 
278 		stm32_uart_stop(uart_prog_addr);
279 	}
280 #endif
281 	if (stm32mp1_clk_probe() < 0) {
282 		panic();
283 	}
284 
285 	if (stm32mp1_clk_init() < 0) {
286 		panic();
287 	}
288 
289 	stm32_save_boot_info(boot_context);
290 
291 #if STM32MP_USB_PROGRAMMER && STM32MP15
292 	/* Deconfigure all UART RX pins configured by ROM code */
293 	stm32mp1_deconfigure_uart_pins();
294 #endif
295 
296 	if (stm32mp_uart_console_setup() != 0) {
297 		goto skip_console_init;
298 	}
299 
300 	stm32mp_print_cpuinfo();
301 
302 	board_model = dt_get_board_model();
303 	if (board_model != NULL) {
304 		NOTICE("Model: %s\n", board_model);
305 	}
306 
307 	stm32mp_print_boardinfo();
308 
309 	if (boot_context->auth_status != BOOT_API_CTX_AUTH_NO) {
310 		NOTICE("Bootrom authentication %s\n",
311 		       (boot_context->auth_status == BOOT_API_CTX_AUTH_FAILED) ?
312 		       "failed" : "succeeded");
313 	}
314 
315 skip_console_init:
316 #if !TRUSTED_BOARD_BOOT
317 	if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
318 		/* Closed chip mandates authentication */
319 		ERROR("Secure chip: TRUSTED_BOARD_BOOT must be enabled\n");
320 		panic();
321 	}
322 #endif
323 
324 	if (fixed_regulator_register() != 0) {
325 		panic();
326 	}
327 
328 	if (dt_pmic_status() > 0) {
329 		initialize_pmic();
330 		if (pmic_voltages_init() != 0) {
331 			ERROR("PMIC voltages init failed\n");
332 			panic();
333 		}
334 		print_pmic_info_and_debug();
335 	}
336 
337 	stm32mp_syscfg_init();
338 
339 	if (stm32_iwdg_init() < 0) {
340 		panic();
341 	}
342 
343 	stm32_iwdg_refresh();
344 
345 	if (bsec_read_debug_conf() != 0U) {
346 		if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
347 #if DEBUG
348 			WARN("\n%s", debug_msg);
349 #else
350 			ERROR("***Debug opened on closed chip***\n");
351 #endif
352 		}
353 	}
354 
355 #if STM32MP13
356 	if (stm32_rng_init() != 0) {
357 		panic();
358 	}
359 #endif
360 
361 	stm32mp1_arch_security_setup();
362 
363 	print_reset_reason();
364 
365 #if STM32MP15
366 	if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
367 		update_monotonic_counter();
368 	}
369 #endif
370 
371 	stm32mp_syscfg_enable_io_compensation_finish();
372 
373 	fconf_populate("TB_FW", STM32MP_DTB_BASE);
374 
375 	stm32mp_io_setup();
376 }
377 
378 #if STM32MP13
379 static void prepare_encryption(void)
380 {
381 	uint8_t mkey[MCE_KEY_SIZE_IN_BYTES];
382 
383 	stm32_mce_init();
384 
385 	/* Generate MCE master key from RNG */
386 	if (stm32_rng_read(mkey, MCE_KEY_SIZE_IN_BYTES) != 0) {
387 		panic();
388 	}
389 
390 	if (stm32_mce_write_master_key(mkey) != 0) {
391 		panic();
392 	}
393 
394 	stm32_mce_lock_master_key();
395 }
396 #endif
397 
398 /*******************************************************************************
399  * This function can be used by the platforms to update/use image
400  * information for given `image_id`.
401  ******************************************************************************/
402 int bl2_plat_handle_post_image_load(unsigned int image_id)
403 {
404 	int err = 0;
405 	bl_mem_params_node_t *bl_mem_params = get_bl_mem_params_node(image_id);
406 	bl_mem_params_node_t *bl32_mem_params;
407 	bl_mem_params_node_t *pager_mem_params __unused;
408 	bl_mem_params_node_t *paged_mem_params __unused;
409 	const struct dyn_cfg_dtb_info_t *config_info;
410 	bl_mem_params_node_t *tos_fw_mem_params;
411 	unsigned int i;
412 	unsigned int idx;
413 	unsigned long long ddr_top __unused;
414 	const unsigned int image_ids[] = {
415 		BL32_IMAGE_ID,
416 		BL33_IMAGE_ID,
417 		HW_CONFIG_ID,
418 		TOS_FW_CONFIG_ID,
419 	};
420 
421 	assert(bl_mem_params != NULL);
422 
423 	switch (image_id) {
424 	case FW_CONFIG_ID:
425 #if STM32MP13
426 		if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) ||
427 		    stm32mp_is_auth_supported()) {
428 			prepare_encryption();
429 		}
430 #endif
431 		/* Set global DTB info for fixed fw_config information */
432 		set_config_info(STM32MP_FW_CONFIG_BASE, ~0UL, STM32MP_FW_CONFIG_MAX_SIZE,
433 				FW_CONFIG_ID);
434 		fconf_populate("FW_CONFIG", STM32MP_FW_CONFIG_BASE);
435 
436 		idx = dyn_cfg_dtb_info_get_index(TOS_FW_CONFIG_ID);
437 
438 		/* Iterate through all the fw config IDs */
439 		for (i = 0U; i < ARRAY_SIZE(image_ids); i++) {
440 			if ((image_ids[i] == TOS_FW_CONFIG_ID) && (idx == FCONF_INVALID_IDX)) {
441 				continue;
442 			}
443 
444 			bl_mem_params = get_bl_mem_params_node(image_ids[i]);
445 			assert(bl_mem_params != NULL);
446 
447 			config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, image_ids[i]);
448 			if (config_info == NULL) {
449 				continue;
450 			}
451 
452 			bl_mem_params->image_info.image_base = config_info->config_addr;
453 			bl_mem_params->image_info.image_max_size = config_info->config_max_size;
454 
455 			bl_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING;
456 
457 			switch (image_ids[i]) {
458 			case BL32_IMAGE_ID:
459 				bl_mem_params->ep_info.pc = config_info->config_addr;
460 
461 				/* In case of OPTEE, initialize address space with tos_fw addr */
462 				pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID);
463 				assert(pager_mem_params != NULL);
464 				pager_mem_params->image_info.image_base = config_info->config_addr;
465 				pager_mem_params->image_info.image_max_size =
466 					config_info->config_max_size;
467 
468 				/* Init base and size for pager if exist */
469 				paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
470 				if (paged_mem_params != NULL) {
471 					paged_mem_params->image_info.image_base = STM32MP_DDR_BASE +
472 						(dt_get_ddr_size() - STM32MP_DDR_S_SIZE);
473 					paged_mem_params->image_info.image_max_size =
474 						STM32MP_DDR_S_SIZE;
475 				}
476 				break;
477 
478 			case BL33_IMAGE_ID:
479 				bl_mem_params->ep_info.pc = config_info->config_addr;
480 				break;
481 
482 			case HW_CONFIG_ID:
483 			case TOS_FW_CONFIG_ID:
484 				break;
485 
486 			default:
487 				return -EINVAL;
488 			}
489 		}
490 		break;
491 
492 	case BL32_IMAGE_ID:
493 		if ((bl_mem_params->image_info.image_base != 0UL) &&
494 		    (optee_header_is_valid(bl_mem_params->image_info.image_base))) {
495 			image_info_t *paged_image_info = NULL;
496 
497 			/* BL32 is OP-TEE header */
498 			bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base;
499 			pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID);
500 			assert(pager_mem_params != NULL);
501 
502 			paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
503 			if (paged_mem_params != NULL) {
504 				paged_image_info = &paged_mem_params->image_info;
505 			}
506 
507 			err = parse_optee_header(&bl_mem_params->ep_info,
508 						 &pager_mem_params->image_info,
509 						 paged_image_info);
510 			if (err != 0) {
511 				ERROR("OPTEE header parse error.\n");
512 				panic();
513 			}
514 
515 			/* Set optee boot info from parsed header data */
516 			if (paged_mem_params != NULL) {
517 				bl_mem_params->ep_info.args.arg0 =
518 					paged_mem_params->image_info.image_base;
519 			} else {
520 				bl_mem_params->ep_info.args.arg0 = 0U;
521 			}
522 
523 			bl_mem_params->ep_info.args.arg1 = 0U; /* Unused */
524 			bl_mem_params->ep_info.args.arg2 = 0U; /* No DT supported */
525 		} else {
526 			bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base;
527 			tos_fw_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID);
528 			assert(tos_fw_mem_params != NULL);
529 			bl_mem_params->image_info.image_max_size +=
530 				tos_fw_mem_params->image_info.image_max_size;
531 			bl_mem_params->ep_info.args.arg0 = 0;
532 		}
533 		break;
534 
535 	case BL33_IMAGE_ID:
536 		bl32_mem_params = get_bl_mem_params_node(BL32_IMAGE_ID);
537 		assert(bl32_mem_params != NULL);
538 		bl32_mem_params->ep_info.lr_svc = bl_mem_params->ep_info.pc;
539 #if PSA_FWU_SUPPORT
540 		stm32_fwu_set_boot_idx();
541 #endif /* PSA_FWU_SUPPORT */
542 		break;
543 
544 	default:
545 		/* Do nothing in default case */
546 		break;
547 	}
548 
549 #if STM32MP_SDMMC || STM32MP_EMMC
550 	/*
551 	 * Invalidate remaining data read from MMC but not flushed by load_image_flush().
552 	 * We take the worst case which is 2 MMC blocks.
553 	 */
554 	if ((image_id != FW_CONFIG_ID) &&
555 	    ((bl_mem_params->image_info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U)) {
556 		inv_dcache_range(bl_mem_params->image_info.image_base +
557 				 bl_mem_params->image_info.image_size,
558 				 2U * MMC_BLOCK_SIZE);
559 	}
560 #endif /* STM32MP_SDMMC || STM32MP_EMMC */
561 
562 	return err;
563 }
564 
565 void bl2_el3_plat_prepare_exit(void)
566 {
567 #if STM32MP_UART_PROGRAMMER || STM32MP_USB_PROGRAMMER
568 	uint16_t boot_itf = stm32mp_get_boot_itf_selected();
569 
570 	if ((boot_itf == BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_UART) ||
571 	    (boot_itf == BOOT_API_CTX_BOOT_INTERFACE_SEL_SERIAL_USB)) {
572 		/* Invalidate the downloaded buffer used with io_memmap */
573 		inv_dcache_range(DWL_BUFFER_BASE, DWL_BUFFER_SIZE);
574 	}
575 #endif /* STM32MP_UART_PROGRAMMER || STM32MP_USB_PROGRAMMER */
576 
577 	stm32mp1_security_setup();
578 }
579