RZN1: NoC firewalldev/tz_cfg

Set the TrustZone configuration for NoC ports to assign groups with critical ressources to the Secure world. Signed-off-by: Mourad Goumrhar <Mourad.Goumrhar@se.com>
author: Mourad Goumrhar <Mourad.Goumrhar@se.com> 2019-11-19 14:35:59 +0100
committer: Mourad Goumrhar <Mourad.Goumrhar@se.com> 2020-01-20 10:21:36 +0100
commit: 803e9bb28efb3f2bc4b11172fa47cb6157bd9e03 (patch)
tree: c5c44da3fd2bc469a07aa030f3a174794a83dc9f
parent: 519111674115a2bfa58d3e5a5f6ab950720c32f7 (diff)
4 files changed, 107 insertions, 7 deletions
diff --git a/core/arch/arm/kernel/generic_entry_a32.S b/core/arch/arm/kernel/generic_entry_a32.S
index 75813528..5cd1d1c3 100644
--- a/core/arch/arm/kernel/generic_entry_a32.S
+++ b/core/arch/arm/kernel/generic_entry_a32.S
@@ -458,6 +458,8 @@ shadow_stack_access_ok:
 	bl	generic_boot_init_primary
 	mov	r4, r0		/* save entry test vector */
 
+	bl	rzn1_init
+
 	/*
 	 * In case we've touched memory that secondary CPUs will use before
 	 * they have turned on their D-cache, clean and invalidate the
diff --git a/core/arch/arm/plat-rzn1/main.c b/core/arch/arm/plat-rzn1/main.c
index 2a9902c4..57bff53b 100644
--- a/core/arch/arm/plat-rzn1/main.c
+++ b/core/arch/arm/plat-rzn1/main.c
@@ -48,6 +48,8 @@
 #include <keep.h>
 #include <trace.h>
 
+#include <rzn1_tz.h>
+
 #define SYSCTRL_BASE		 0x4000C000
 #define SYSCTRL_REG_RSTEN    (SYSCTRL_BASE + 0x120)
 #define SYSCTRL_REG_RSTCTRL  (SYSCTRL_BASE + 0x198)
@@ -58,6 +60,8 @@
 #define SYSCTRL_REG_RSTCTRL_SWRST_REQ   6
 
 static void main_fiq(void);
+void rzn1_init(void);
+static void rzn1_tz_init(void);
 
 static struct rzn1_ns16550_data console_data;
 static struct gic_data gic_data;
@@ -74,9 +78,9 @@ static const struct thread_handlers handlers = {
 	.system_reset = pm_panic,
 };
 
-
-register_phys_mem(MEM_AREA_IO_NSEC, CONSOLE_UART_BASE, CORE_MMU_DEVICE_SIZE);
-register_phys_mem(MEM_AREA_IO_SEC, SYSCTRL_BASE, CORE_MMU_DEVICE_SIZE);
+register_phys_mem(MEM_AREA_IO_SEC, NOCFIREWALL_BASE, 0x1000);
+register_phys_mem(MEM_AREA_IO_NSEC, PERIPH_REG_BASE, CORE_MMU_DEVICE_SIZE);
+register_phys_mem(MEM_AREA_IO_SEC, SYSCTRL_BASE, 0x1000);
 register_phys_mem(MEM_AREA_IO_SEC, GIC_BASE, CORE_MMU_DEVICE_SIZE);
 
 static void main_fiq(void)
@@ -89,10 +93,34 @@ const struct thread_handlers *generic_boot_get_handlers(void)
 	return &handlers;
 }
 
-#if 0 // NoC security violation
+#if 0
+// NoC security violation
 static enum itr_return nocfw_itr_cb(struct itr_handler *h __unused)
 {
-	DMSG("Noc FW interrupt");
+	vaddr_t preg;
+	volatile unsigned long val;
+	unsigned char errcode;
+	unsigned char errval;
+
+	/* Confirm there was an actual violation */
+	preg = core_mmu_get_va(NOCFIREWALL_ERRVLD, MEM_AREA_IO_SEC);
+	val = read32(preg);
+	if ( val & 1 )
+	{
+		preg = core_mmu_get_va(NOCFIREWALL_ERRLOG0, MEM_AREA_IO_SEC);
+		val = read32(preg);
+		errcode = (val >> 8) & 0x7;
+
+		preg = core_mmu_get_va(NOCFIREWALL_ERRLOG1, MEM_AREA_IO_SEC);
+		val = read32(preg);
+		errval = (val >> 9) & 0x3F;
+
+		IMSG("Noc FW interrupt: code=%x, val=%x", errcode, errval);
+
+		/* Clear error */
+		preg = core_mmu_get_va(NOCFIREWALL_ERRCLR, MEM_AREA_IO_SEC);
+		write32(0x1UL, preg);
+	}
 	return ITRR_HANDLED;
 }
 
@@ -194,8 +222,6 @@ int psci_cpu_on(uint32_t cpu_id, uint32_t entry, uint32_t context_id)
 }
 #endif
 
-#include <stdio.h>
-#include <trace.h>
 void psci_system_reset(void)
 {
     vaddr_t en_reg;
@@ -224,3 +250,29 @@ void psci_system_off(void)
     psci_system_reset();
 }
 
+static void rzn1_tz_init(void)
+{
+#if 1
+	vaddr_t preg;
+	uint32_t tz_init_cfg = 0;
+	uint32_t tz_targ_cfg = 0;
+	tz_init_cfg |= TZ_INIT_CSA_SEC;
+	tz_init_cfg |= TZ_INIT_YS_SEC;
+	tz_init_cfg |= TZ_INIT_YC_SEC;
+	tz_init_cfg |= TZ_INIT_YD_SEC;
+	preg = core_mmu_get_va(CFG_FW_STATIC_TZA_INIT, MEM_AREA_IO_SEC);
+	write32(tz_init_cfg, preg);
+	tz_targ_cfg |= TZ_TARG_PC_SEC;
+	tz_targ_cfg |= TZ_TARG_QB_SEC;
+	tz_targ_cfg |= TZ_TARG_QA_SEC;
+	tz_targ_cfg |= TZ_TARG_UB_SEC;
+	tz_targ_cfg |= TZ_TARG_UA_SEC;
+	preg = core_mmu_get_va(CFG_FW_STATIC_TZA_TARG, MEM_AREA_IO_SEC);
+	write32(tz_targ_cfg, preg);
+#endif
+}
+
+void rzn1_init(void)
+{
+	rzn1_tz_init();
+}
diff --git a/core/arch/arm/plat-rzn1/platform_config.h b/core/arch/arm/plat-rzn1/platform_config.h
index 9bbbbe9e..a8ceda10 100644
--- a/core/arch/arm/plat-rzn1/platform_config.h
+++ b/core/arch/arm/plat-rzn1/platform_config.h
@@ -41,6 +41,9 @@
 #define CONSOLE_UART_BASE	0x40060000
 #define CONSOLE_UART_IRQ	(GIC_PPI + 6)
 
+/* TZ config registers */
+#define CFG_FW_STATIC_TZA_INIT	0x4000C0D0
+#define CFG_FW_STATIC_TZA_TARG	0x4000C0D4
 
 // The LCES memory map is designed as if there are two DRAM banks
 // DRAM0 is always 128 MB
diff --git a/core/arch/arm/plat-rzn1/rzn1_tz.h b/core/arch/arm/plat-rzn1/rzn1_tz.h
new file mode 100644
index 00000000..3e611493
--- /dev/null
+++ b/core/arch/arm/plat-rzn1/rzn1_tz.h
@@ -0,0 +1,43 @@
+#ifndef _RZN1_TZ_H
+#define _RZN1_TZ_H
+
+/* TZ initiatior ports */
+#define TZ_INIT_CSB_SEC	1<<7	/* CoreSight AHB                  */
+#define TZ_INIT_CSA_SEC	1<<6	/* CoreSight AXI                  */
+#define TZ_INIT_YS_SEC	1<<5	/* Cortex-M3 System Bus interface */
+#define TZ_INIT_YC_SEC	1<<4	/* Cortex-M3 ICode interface      */
+#define TZ_INIT_YD_SEC	1<<3	/* Cortex-M3 DCode interface      */
+#define TZ_INIT_Z_SEC	1<<2	/* Packet Engine                  */
+#define TZ_INIT_I_SEC	1<<1	/* Peripheral Group               */
+#define TZ_INIT_F_SEC	1		/* Peripheral Group               */
+
+/* TZ target ports */
+#define TZ_TARG_W_SEC	1<<14	/* RTC                    */
+#define TZ_TARG_PC_SEC	1<<9	/* DDR2/3 Controller      */
+#define TZ_TARG_RA_SEC	1<<8	/* CoreSight              */
+#define TZ_TARG_QB_SEC	1<<7	/* System Control         */
+#define TZ_TARG_QA_SEC	1<<6	/* PG0                    */
+#define TZ_TARG_NB_SEC	1<<5	/* Packet Engine          */
+#define TZ_TARG_NA_SEC	1<<4	/* Public Key Processor   */
+#define TZ_TARG_K_SEC	1<<3	/* Peripheral Group       */
+#define TZ_TARG_J_SEC	1<<2	/* Peripheral Group       */
+#define TZ_TARG_UB_SEC	1<<1	/* 2MB SRAM               */
+#define TZ_TARG_UA_SEC	1		/* 2MB SRAM               */
+
+/* Peripheral memory map */
+#define PERIPH_REG_BASE	0x40000000
+#define MEM_GROUP_BASE	0x40100000 /* SDIO, NAND and DMA */
+#define ETH_PERIPH_BASE	0x44000000
+#define PERIPH_GROUP1_BASE	0x50000000
+#define PERIPH_GROUP2_BASE	0x51000000
+#define PERIPH_GROUP3_BASE	0x52104000
+#define PERIPH_GROUP4_BASE	0x53000000
+
+/* NoC Firewall */
+#define NOCFIREWALL_BASE	0x00010000
+#define NOCFIREWALL_ERRVLD	0x0001000C
+#define NOCFIREWALL_ERRCLR	0x00010010
+#define NOCFIREWALL_ERRLOG0	0x00010014
+#define NOCFIREWALL_ERRLOG1	0x00010018
+
+#endif /* _RZN1_TZ_H */
+\ No newline at end of file
author	Mourad Goumrhar <Mourad.Goumrhar@se.com>	2019-11-19 14:35:59 +0100
committer	Mourad Goumrhar <Mourad.Goumrhar@se.com>	2020-01-20 10:21:36 +0100
commit	803e9bb28efb3f2bc4b11172fa47cb6157bd9e03 (patch)
tree	c5c44da3fd2bc469a07aa030f3a174794a83dc9f
parent	519111674115a2bfa58d3e5a5f6ab950720c32f7 (diff)