]>
Commit | Line | Data |
---|---|---|
1e57a462 | 1 | /** @file\r |
2 | *\r | |
d4c92ade | 3 | * Copyright (c) 2011-2013, ARM Limited. All rights reserved.\r |
3402aac7 RC |
4 | *\r |
5 | * This program and the accompanying materials\r | |
6 | * are licensed and made available under the terms and conditions of the BSD License\r | |
7 | * which accompanies this distribution. The full text of the license may be found at\r | |
8 | * http://opensource.org/licenses/bsd-license.php\r | |
9 | *\r | |
10 | * THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | * WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
1e57a462 | 12 | *\r |
13 | **/\r | |
14 | \r | |
15 | #include <Library/ArmPlatformLib.h>\r | |
16 | #include <Library/ArmPlatformSysConfigLib.h>\r | |
17 | #include <Library/DebugLib.h>\r | |
18 | #include <Library/IoLib.h>\r | |
19 | #include <Library/PcdLib.h>\r | |
d4c92ade | 20 | #include <Library/SerialPortLib.h>\r |
1e57a462 | 21 | \r |
22 | #include <Drivers/ArmTrustzone.h>\r | |
23 | #include <Drivers/PL310L2Cache.h>\r | |
24 | \r | |
25 | #include <ArmPlatform.h>\r | |
26 | \r | |
d4c92ade OM |
27 | #define SerialPrint(txt) SerialPortWrite ((UINT8*)(txt), AsciiStrLen(txt)+1)\r |
28 | \r | |
1e57a462 | 29 | /**\r |
30 | Initialize the Secure peripherals and memory regions\r | |
31 | \r | |
32 | If Trustzone is supported by your platform then this function makes the required initialization\r | |
33 | of the secure peripherals and memory regions.\r | |
34 | \r | |
35 | **/\r | |
36 | VOID\r | |
37 | ArmPlatformSecTrustzoneInit (\r | |
38 | IN UINTN MpId\r | |
39 | )\r | |
40 | {\r | |
41 | // Nothing to do\r | |
bebda7ce | 42 | if (!ArmPlatformIsPrimaryCore (MpId)) {\r |
1e57a462 | 43 | return;\r |
44 | }\r | |
45 | \r | |
46 | //\r | |
47 | // Setup TZ Protection Controller\r | |
48 | //\r | |
49 | \r | |
50 | if (MmioRead32(ARM_VE_SYS_CFGRW1_REG) & ARM_VE_CFGRW1_TZASC_EN_BIT_MASK) {\r | |
51 | ASSERT (PcdGetBool (PcdTrustzoneSupport) == TRUE);\r | |
52 | } else {\r | |
53 | ASSERT (PcdGetBool (PcdTrustzoneSupport) == FALSE);\r | |
54 | }\r | |
55 | \r | |
56 | // Set Non Secure access for all devices\r | |
57 | TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_0, 0xFFFFFFFF);\r | |
58 | TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_1, 0xFFFFFFFF);\r | |
59 | TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_2, 0xFFFFFFFF);\r | |
60 | \r | |
61 | // Remove Non secure access to secure devices\r | |
62 | TZPCClearDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_0,\r | |
63 | ARM_VE_DECPROT_BIT_TZPC | ARM_VE_DECPROT_BIT_DMC_TZASC | ARM_VE_DECPROT_BIT_NMC_TZASC | ARM_VE_DECPROT_BIT_SMC_TZASC);\r | |
64 | \r | |
65 | TZPCClearDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_2,\r | |
66 | ARM_VE_DECPROT_BIT_EXT_MAST_TZ | ARM_VE_DECPROT_BIT_DMC_TZASC_LOCK | ARM_VE_DECPROT_BIT_NMC_TZASC_LOCK | ARM_VE_DECPROT_BIT_SMC_TZASC_LOCK);\r | |
67 | \r | |
68 | //\r | |
69 | // Setup TZ Address Space Controller for the SMC. Create 5 Non Secure regions (NOR0, NOR1, SRAM, SMC Peripheral regions)\r | |
70 | //\r | |
71 | \r | |
72 | // NOR Flash 0 non secure (BootMon)\r | |
73 | TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,\r | |
74 | ARM_VE_SMB_NOR0_BASE,0,\r | |
465663e9 | 75 | TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 76 | \r |
77 | // NOR Flash 1. The first half of the NOR Flash1 must be secure for the secure firmware (sec_uefi.bin)\r | |
78 | if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {\r | |
79 | //Note: Your OS Kernel must be aware of the secure regions before to enable this region\r | |
80 | TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,\r | |
81 | ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,\r | |
465663e9 | 82 | TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 83 | } else {\r |
84 | TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,\r | |
85 | ARM_VE_SMB_NOR1_BASE,0,\r | |
465663e9 | 86 | TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 87 | }\r |
88 | \r | |
89 | // Base of SRAM. Only half of SRAM in Non Secure world\r | |
90 | // First half non secure (16MB) + Second Half secure (16MB) = 32MB of SRAM\r | |
91 | if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {\r | |
92 | //Note: Your OS Kernel must be aware of the secure regions before to enable this region\r | |
93 | TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,\r | |
94 | ARM_VE_SMB_SRAM_BASE,0,\r | |
465663e9 | 95 | TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 96 | } else {\r |
97 | TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,\r | |
98 | ARM_VE_SMB_SRAM_BASE,0,\r | |
465663e9 | 99 | TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 100 | }\r |
101 | \r | |
102 | // Memory Mapped Peripherals. All in non secure world\r | |
103 | TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,\r | |
104 | ARM_VE_SMB_PERIPH_BASE,0,\r | |
465663e9 | 105 | TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 106 | \r |
107 | // MotherBoard Peripherals and On-chip peripherals.\r | |
108 | TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,\r | |
109 | ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,\r | |
465663e9 | 110 | TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW, 0);\r |
1e57a462 | 111 | }\r |
112 | \r | |
113 | /**\r | |
114 | Initialize controllers that must setup at the early stage\r | |
115 | \r | |
116 | Some peripherals must be initialized in Secure World.\r | |
117 | For example, some L2x0 requires to be initialized in Secure World\r | |
118 | \r | |
119 | **/\r | |
120 | RETURN_STATUS\r | |
121 | ArmPlatformSecInitialize (\r | |
122 | IN UINTN MpId\r | |
123 | )\r | |
124 | {\r | |
d4c92ade OM |
125 | UINT32 Value;\r |
126 | \r | |
127 | // If the DRAM is remapped at 0x0 then we need to wake up the secondary cores from wfe\r | |
128 | // (waiting for the memory to be initialized) as the instruction is still in the remapped\r | |
129 | // flash region at 0x0 to jump in the C-code which lives in the NOR1 at 0x44000000 before\r | |
130 | // the region 0x0 is remapped as DRAM.\r | |
131 | if (!FeaturePcdGet (PcdNorFlashRemapping)) {\r | |
132 | if (!ArmPlatformIsPrimaryCore (MpId)) {\r | |
133 | // Replaced ArmCallWFE () in ArmPlatformPkg/Sec/SecEntryPoint.(S|asm)\r | |
134 | ArmCallWFE ();\r | |
135 | } else {\r | |
136 | // Wake up the secondary core from ArmCallWFE () in ArmPlatformPkg/Sec/SecEntryPoint.(S|asm)\r | |
137 | ArmCallSEV ();\r | |
138 | }\r | |
139 | }\r | |
140 | \r | |
1e57a462 | 141 | // If it is not the primary core then there is nothing to do\r |
bebda7ce | 142 | if (!ArmPlatformIsPrimaryCore (MpId)) {\r |
1e57a462 | 143 | return RETURN_SUCCESS;\r |
144 | }\r | |
145 | \r | |
146 | // The L2x0 controller must be intialize in Secure World\r | |
147 | L2x0CacheInit(PcdGet32(PcdL2x0ControllerBase),\r | |
148 | PL310_TAG_LATENCIES(L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES),\r | |
149 | PL310_DATA_LATENCIES(L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES),\r | |
150 | 0,~0, // Use default setting for the Auxiliary Control Register\r | |
151 | FALSE);\r | |
152 | \r | |
153 | // Initialize the System Configuration\r | |
154 | ArmPlatformSysConfigInitialize ();\r | |
155 | \r | |
156 | // If we skip the PEI Core we could want to initialize the DRAM in the SEC phase.\r | |
157 | // If we are in standalone, we need the initialization to copy the UEFI firmware into DRAM\r | |
158 | if ((FeaturePcdGet (PcdSystemMemoryInitializeInSec)) || (FeaturePcdGet (PcdStandalone) == FALSE)) {\r | |
159 | // If it is not a standalone build ensure the PcdSystemMemoryInitializeInSec has been set\r | |
160 | ASSERT(FeaturePcdGet (PcdSystemMemoryInitializeInSec) == TRUE);\r | |
161 | \r | |
162 | // Initialize system memory (DRAM)\r | |
163 | ArmPlatformInitializeSystemMemory ();\r | |
164 | }\r | |
165 | \r | |
d4c92ade OM |
166 | // Memory Map remapping\r |
167 | if (FeaturePcdGet (PcdNorFlashRemapping)) {\r | |
168 | SerialPrint ("Secure ROM at 0x0\n\r");\r | |
169 | } else {\r | |
170 | Value = MmioRead32 (ARM_VE_SYS_CFGRW1_REG); //Scc - CFGRW1\r | |
171 | // Remap the DRAM to 0x0\r | |
172 | MmioWrite32 (ARM_VE_SYS_CFGRW1_REG, (Value & 0x0FFFFFFF) | ARM_VE_CFGRW1_REMAP_DRAM);\r | |
173 | }\r | |
174 | \r | |
1e57a462 | 175 | return RETURN_SUCCESS;\r |
176 | }\r |