t132: handle optional Trust Zone region correctly
Provide a default Trust Zone region size of 1MiB, and
correctly account for it in the AVP and the arm64 cores.
The different path between the arm64 cores and the AVP
is because the AVP cannot access the Trust Zone region
registers. Therefore the AVP needs to account for the
Trust Zone region.
BUG=chrome-os-partner:30572
BRANCH=None
TEST=Built and ran. Noted Trust Zone region being accounted for.
Original-Change-Id: Ie0f117ec7a5ff8519c39778d3cdf88c3eee57ea5
Original-Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/208062
Original-Reviewed-by: Tom Warren <twarren@nvidia.com>
Original-Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Original-Commit-Queue: Furquan Shaikh <furquan@chromium.org>
(cherry picked from commit 22f2fa05c009c58f53b99b9ebe1b6d01fdac5ba7)
Signed-off-by: Marc Jones <marc.jones@se-eng.com>
Change-Id: I28506b4401145d366b56126b2eddc4c3d3db7b44
Reviewed-on: http://review.coreboot.org/8639
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
diff --git a/src/soc/nvidia/tegra132/Kconfig b/src/soc/nvidia/tegra132/Kconfig
index 3396cc8..8a5d087 100644
--- a/src/soc/nvidia/tegra132/Kconfig
+++ b/src/soc/nvidia/tegra132/Kconfig
@@ -93,4 +93,10 @@
help
Path to directory where MTS microcode files are located.
+config TRUSTZONE_CARVEOUT_SIZE_MB
+ hex "Size of Trust Zone region"
+ default 0x1
+ help
+ Size of Trust Zone area in MiB to reserve in memory map.
+
endif
diff --git a/src/soc/nvidia/tegra132/Makefile.inc b/src/soc/nvidia/tegra132/Makefile.inc
index 88ba51c..0ab95d4 100644
--- a/src/soc/nvidia/tegra132/Makefile.inc
+++ b/src/soc/nvidia/tegra132/Makefile.inc
@@ -48,6 +48,7 @@
ramstage-y += ../tegra/gpio.c
ramstage-y += ../tegra/i2c.c
ramstage-y += ../tegra/pinmux.c
+ramstage-y += ramstage.c
ramstage-$(CONFIG_DRIVERS_UART) += uart.c
CPPFLAGS_common += -Isrc/soc/nvidia/tegra132/include/
diff --git a/src/soc/nvidia/tegra132/addressmap.c b/src/soc/nvidia/tegra132/addressmap.c
index bb35a87..7f6d7c3 100644
--- a/src/soc/nvidia/tegra132/addressmap.c
+++ b/src/soc/nvidia/tegra132/addressmap.c
@@ -147,6 +147,14 @@
/* Place the framebuffer just below the 32-bit addressable limit. */
memory_range_by_bits(ADDRESS_SPACE_32_BIT, &begin, &end);
+ /*
+ * Need to take into account that the Trust Zone region is not able to
+ * be read by the AVP. The Trust Zone region will live just below the
+ * rest of the carveout regions.
+ */
+ if (context_avp())
+ end -= CONFIG_TRUSTZONE_CARVEOUT_SIZE_MB;
+
*size_mib = FB_SIZE_MB;
end -= *size_mib;
diff --git a/src/soc/nvidia/tegra132/ramstage.c b/src/soc/nvidia/tegra132/ramstage.c
new file mode 100644
index 0000000..7b2f4e8
--- /dev/null
+++ b/src/soc/nvidia/tegra132/ramstage.c
@@ -0,0 +1,47 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright 2014 Google Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include <arch/io.h>
+#include <arch/stages.h>
+#include <soc/addressmap.h>
+#include "mc.h"
+
+void arm64_soc_init(void)
+{
+ struct tegra_mc_regs * const mc = (void *)(uintptr_t)TEGRA_MC_BASE;
+ const size_t tz_size_mib = CONFIG_TRUSTZONE_CARVEOUT_SIZE_MB;
+ uintptr_t base;
+ uintptr_t end;
+
+ if (!tz_size_mib)
+ return;
+
+ /*
+ * Ramstage is when the arm64 first gets running. It also is the
+ * only entity that the capabilities to program the Trust Zone region.
+ * Therefore configure the region early. Also, the TZ region can only
+ * live in 32-bit space.
+ */
+ memory_range_by_bits(ADDRESS_SPACE_32_BIT, &base, &end);
+
+ /* Place the TZ area just below current carveout regions. */
+ end -= tz_size_mib;
+ write32(end << 20, &mc->security_cfg0);
+ write32(tz_size_mib, &mc->security_cfg1);
+}