Gitiles
Code Review Sign In
review.coreboot.org / coreboot / 189bec59f01fc959dde7a9f29142adcad2a43cbe / . / src / soc / broadcom / cygnus / tz.c
blob: e35669b3924bea5a28081bfbc6b19fc1c38ca612 [file] [log] [blame]
Corneliu Doban189bec52015-04-10 15:51:55 -0700[diff] [blame^]1/*
2 * Copyright (C) 2015 Broadcom Corporation
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; version 2 of the License.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
16 */
17
18#include <arch/io.h>
19#include <soc/tz.h>
20
21#define TZPC_TZPCR0SIZE 0x18034000
22#define TZPC_TZPCR0SIZE_MASK 0x000003ff
23
24#define TZPC_TZPCDECPROT0SET 0x18034804
25#define TZPC_TZPCDECPROT0CLR 0x18034808
26#define TZPC_TZPCDECPROT1SET 0x18034810
27#define TZPC_TZPCDECPROT1CLR 0x18034814
28#define TZPC_TZPCDECPROT2SET 0x1803481c
29#define TZPC_TZPCDECPROT2CLR 0x18034820
30
31#define TZPCDECPROT0_MASK 0x000000FF
32#define TZPCDECPROT1_MASK 0x000000FF
33#define TZPCDECPROT2_MASK 0x000000FF
34
35#define AXIIC_Ihost_acp_security 0x1a000008
36#define AXIIC_PCIe0_s0_security 0x1a000010
37#define AXIIC_PCIe1_s0_security 0x1a000014
38#define AXIIC_APBY_s0_security 0x1a00002c
39#define AXIIC_APBZ_s0_security 0x1a000030
40#define AXIIC_APBX_s0_security 0x1a000034
41#define AXIIC_ihost_s0_security 0x1a000038
42#define AXIIC_A9jtag_s0_security 0x1a00003c
43#define AXIIC_APB_W1_security 0x1a000040
44#define AXIIC_APB_W2_security 0x1a000044
45#define AXIIC_APB_W3_security 0x1a000048
46#define AXIIC_APB_W4_security 0x1a00004c
47#define AXIIC_APBR_s0_security 0x1a00006c
48#define AXIIC_APBS_s0_security 0x1a000070
49#define AXIIC_CMICd_s0_security 0x1a000074
50#define AXIIC_mhost0_s0_security 0x1a000078
51#define AXIIC_mhost1_s0_security 0x1a00007c
52#define AXIIC_Crypto_s0_security 0x1a000080
53#define AXIIC_DMU_s0_security 0x1a000084
54#define AXIIC_ext_s0_security 0x1a000088
55#define AXIIC_ext_s1_security 0x1a00008c
56
57#define AXIIC_APBY_s0_security_MASK 0x00003f1f
58#define AXIIC_APBZ_s0_security_MASK 0x0000003f
59#define AXIIC_APBX_s0_security_MASK 0x0000cfff
60#define AXIIC_ext_s0_security_MASK 0xffffffff
61#define AXIIC_ext_s1_security_MASK 0xffffffff
62#define AXIIC_APBR_s0_security_MASK 0x0000436d
63#define AXIIC_APBS_s0_security_MASK 0x000057ee
64#define AXIIC_APB_W1_security_MASK 0x0000ffff
65#define AXIIC_APB_W2_security_MASK 0x0000000f
66#define AXIIC_APB_W3_security_MASK 0x00003fff
67#define AXIIC_APB_W4_security_MASK 0x0000007f
68
69/*
70 * Note: the order need to match corresponding definitions for
71 * non virtual slave slave_vector in tz.h
72 */
73static uint32_t non_virtual_slave_regs[] = {
74 AXIIC_Ihost_acp_security,
75 AXIIC_PCIe0_s0_security,
76 AXIIC_PCIe1_s0_security,
77 AXIIC_ihost_s0_security,
78 AXIIC_A9jtag_s0_security,
79 AXIIC_CMICd_s0_security,
80 AXIIC_mhost0_s0_security,
81 AXIIC_mhost1_s0_security,
82 AXIIC_Crypto_s0_security,
83 AXIIC_DMU_s0_security
84};
85
86/*
87 * Set master security.
88 * Use defines in tz.h for both parameters.
89 */
90void tz_set_masters_security(uint32_t masters, uint32_t ns_bit)
91{
92 uint32_t val;
93
94 /* Check any TZPCDECPROT0 is set and then write to TZPCDECPROT0 */
95 if (masters & TZPCDECPROT0_MASK) {
96 val = masters & TZPCDECPROT0_MASK;
97 if (ns_bit)
98 write32((void *)TZPC_TZPCDECPROT0SET, val);
99 else
100 write32((void *)TZPC_TZPCDECPROT0CLR, val);
101 }
102 /* Check any TZPCDECPROT1 is set and then write to TZPCDECPROT1 */
103 if ((masters >> 8) & TZPCDECPROT1_MASK) {
104 val = (masters >> 8) & TZPCDECPROT1_MASK;
105 if (ns_bit)
106 write32((void *)TZPC_TZPCDECPROT1SET, val);
107 else
108 write32((void *)TZPC_TZPCDECPROT1CLR, val);
109 }
110 /* Check any TZPCDECPROT2 is set and then write to TZPCDECPROT2 */
111 if ((masters >> 16) & TZPCDECPROT2_MASK) {
112 val = (masters >> 16) & TZPCDECPROT2_MASK;
113 if (ns_bit)
114 write32((void *)TZPC_TZPCDECPROT2SET, val);
115 else
116 write32((void *)TZPC_TZPCDECPROT2CLR, val);
117 }
118}
119
120/*
121 * Set non virtual slave security.
122 * Use defines in tz.h for both parameters.
123 */
124void tz_set_non_virtual_slaves_security(uint32_t slave_vector, uint32_t ns_bit)
125{
126 uint32_t i;
127 uint32_t total = sizeof(non_virtual_slave_regs) /
128 sizeof(non_virtual_slave_regs[0]);
129 uint32_t mask = ~(0xffffffff << total);
130
131 ns_bit &= 0x1;
132 slave_vector = slave_vector & mask;
133 for (i = 0; i < total; i++) {
134 if (slave_vector & (0x1 << i))
135 write32((void *)(non_virtual_slave_regs[i]), ns_bit);
136 }
137}
138
139/*
140 * Set peripheral security.
141 * Use defines in tz.h for both parameters.
142 */
143void tz_set_periph_security(uint32_t slave_vector, uint32_t ns_bit)
144{
145 uint32_t val;
146 uint32_t mask_x = AXIIC_APBX_s0_security_MASK;
147 uint32_t mask_y = AXIIC_APBY_s0_security_MASK;
148 uint32_t tz_periphs_sec_status =
149 (mask_x & read32((void *)AXIIC_APBX_s0_security)) |
150 ((mask_y & read32((void *)AXIIC_APBY_s0_security)) << 16);
151
152 if (ns_bit == TZ_STATE_SECURE)
153 tz_periphs_sec_status &= ~slave_vector;
154 else
155 tz_periphs_sec_status |= slave_vector;
156
157 val = tz_periphs_sec_status & mask_x;
158 write32((void *)AXIIC_APBX_s0_security, val);
159
160 val = (tz_periphs_sec_status >> 16) & mask_y;
161 write32((void *)AXIIC_APBY_s0_security, val);
162}
163
164/*
165 * Set sec peripheral security.
166 * Use defines in tz.h for both parameters.
167 */
168void tz_set_sec_periphs_security(uint32_t slave_vector, uint32_t ns_bit)
169{
170 uint32_t val;
171 uint32_t mask = AXIIC_APBZ_s0_security_MASK;
172 uint32_t tz_sec_periphs_sec_status =
173 read32((void *)AXIIC_APBZ_s0_security);
174
175 if (ns_bit == TZ_STATE_SECURE)
176 tz_sec_periphs_sec_status &= ~slave_vector;
177 else
178 tz_sec_periphs_sec_status |= slave_vector;
179
180 val = tz_sec_periphs_sec_status & mask;
181 write32((void *)AXIIC_APBZ_s0_security, val);
182}
183
184/*
185 * Set external slave security.
186 * Use defines in tz.h for both parameters.
187 */
188void tz_set_ext_slaves_security(uint32_t slave_vector, uint32_t ns_bit)
189{
190 uint32_t val;
191 uint32_t mask_s0 = AXIIC_ext_s0_security_MASK;
192 uint32_t mask_s1 = AXIIC_ext_s1_security_MASK;
193 uint32_t tz_ext_slaves_sec_status =
194 (mask_s0 & read32((void *)AXIIC_ext_s0_security)) |
195 ((mask_s1 & read32((void *)AXIIC_ext_s0_security)) << 16);
196
197 if (ns_bit == TZ_STATE_SECURE)
198 tz_ext_slaves_sec_status &= ~slave_vector;
199 else
200 tz_ext_slaves_sec_status |= slave_vector;
201
202 val = tz_ext_slaves_sec_status & mask_s0;
203 write32((void *)AXIIC_ext_s0_security, val);
204
205 val = (tz_ext_slaves_sec_status >> 16) & mask_s1;
206 write32((void *)AXIIC_ext_s1_security, val);
207}
208
209/*
210 * Set cfg slave security
211 * Use defines in tz.h for both parameters.
212 */
213void tz_set_cfg_slaves_security(uint32_t slave_vector, uint32_t ns_bit)
214{
215 uint32_t val;
216 uint32_t mask_r = AXIIC_APBR_s0_security_MASK;
217 uint32_t mask_s = AXIIC_APBS_s0_security_MASK;
218 uint32_t tz_cfg_slaves_sec_status =
219 (mask_r & read32((void *)AXIIC_APBR_s0_security)) |
220 ((mask_s & read32((void *)AXIIC_APBS_s0_security)) << 16);
221
222 if (ns_bit == TZ_STATE_SECURE)
223 tz_cfg_slaves_sec_status &= ~slave_vector;
224 else
225 tz_cfg_slaves_sec_status |= slave_vector;
226
227 val = tz_cfg_slaves_sec_status & mask_r;
228 write32((void *)AXIIC_APBR_s0_security, val);
229
230 val = (tz_cfg_slaves_sec_status >> 16) & mask_s;
231 write32((void *)AXIIC_APBS_s0_security, val);
232}
233
234/*
235 * Set SRAM secure region
236 * parameter 'r0size' specify the secure RAM region in 4KB steps:
237 * 0x00000000 = no secure region
238 * 0x00000001 = 4KB secure region
239 * 0x00000002 = 8KB secure region
240 * .......
241 * 0x000001FF = 2044KB secure region.
242 * 0x00000200 or above sets the entire SRAM to secure regardless of size
243 */
244void tz_set_sram_sec_region(uint32_t r0size)
245{
246 uint32_t mask = TZPC_TZPCR0SIZE_MASK;
247
248 write32((void *)TZPC_TZPCR0SIZE, r0size & mask);
249}
250
251/*
252 * Set wrapper security
253 * Use defines in tz.h for all parameters.
254 */
255void tz_set_wrapper_security(uint32_t wrapper1, uint32_t wrapper2,
256 uint32_t wrapper3, uint32_t wrapper4,
257 uint32_t ns_bit)
258{
259 uint32_t mask_w4 = AXIIC_APB_W4_security_MASK;
260 uint32_t mask_w3 = AXIIC_APB_W3_security_MASK;
261 uint32_t mask_w2 = AXIIC_APB_W2_security_MASK;
262 uint32_t mask_w1 = AXIIC_APB_W1_security_MASK;
263 uint32_t tz_wrapper1_sec_status = read32((void *)AXIIC_APB_W1_security);
264 uint32_t tz_wrapper2_sec_status = read32((void *)AXIIC_APB_W2_security);
265 uint32_t tz_wrapper3_sec_status = read32((void *)AXIIC_APB_W3_security);
266 uint32_t tz_wrapper4_sec_status = read32((void *)AXIIC_APB_W4_security);
267
268 if (ns_bit == TZ_STATE_SECURE) {
269 tz_wrapper1_sec_status &= ~wrapper1;
270 tz_wrapper2_sec_status &= ~wrapper2;
271 tz_wrapper3_sec_status &= ~wrapper3;
272 tz_wrapper4_sec_status &= ~wrapper4;
273 } else {
274 tz_wrapper1_sec_status |= wrapper1;
275 tz_wrapper2_sec_status |= wrapper2;
276 tz_wrapper3_sec_status |= wrapper3;
277 tz_wrapper4_sec_status |= wrapper4;
278 }
279 write32((void *)AXIIC_APB_W1_security,
280 tz_wrapper1_sec_status & mask_w1);
281 write32((void *)AXIIC_APB_W2_security,
282 tz_wrapper2_sec_status & mask_w2);
283 write32((void *)AXIIC_APB_W3_security,
284 tz_wrapper3_sec_status & mask_w3);
285 write32((void *)AXIIC_APB_W4_security,
286 tz_wrapper4_sec_status & mask_w4);
287}