sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
12c5ae238ed1f6fcf2c29fa38d5ff77b15da12c9
system76-edk2/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c
oliviermartin 12c5ae238e ArmPlatformPkg: Replaced 'ArmPlatformTrustzoneSupported' by the fixed Pcd gArmTokenSpaceGuid.PcdTrustzoneSupport 
This change does not make possible to disable Trustzone from the firmware.
The firmware has to be built for Trustzone support enabled or disabled.

The memory page table are now defined as 'Normal Memory' in any case.
Except for RTSM Device Memory which as to be Secure Device Memory due
to a RTSM bug.



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12452 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-27 16:29:07 +00:00

126 lines
4.5 KiB
C
Raw Blame History

/** @file
*
* Copyright (c) 2011, ARM Limited. All rights reserved.
*
* This program and the accompanying materials
* are licensed and made available under the terms and conditions of the BSD License
* which accompanies this distribution. The full text of the license may be found at
* http://opensource.org/licenses/bsd-license.php
*
* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
*
**/
#include <Library/ArmPlatformLib.h>
#include <Library/ArmTrustZoneLib.h>
#include <Library/ArmPlatformSysConfigLib.h>
#include <Library/DebugLib.h>
#include <Library/IoLib.h>
#include <Library/PcdLib.h>
#include <Drivers/PL310L2Cache.h>
#include <ArmPlatform.h>
/**
Initialize the Secure peripherals and memory regions
If Trustzone is supported by your platform then this function makes the required initialization
of the secure peripherals and memory regions.
**/
VOID
ArmPlatformTrustzoneInit (
VOID
)
{
//
// Setup TZ Protection Controller
//
if (MmioRead32(ARM_VE_SYS_CFGRW1_REG) & ARM_VE_CFGRW1_TZASC_EN_BIT_MASK) {
ASSERT (PcdGetBool (PcdTrustzoneSupport) == TRUE);
} else {
ASSERT (PcdGetBool (PcdTrustzoneSupport) == FALSE);
}
// Set Non Secure access for all devices
TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_0, 0xFFFFFFFF);
TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_1, 0xFFFFFFFF);
TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_2, 0xFFFFFFFF);
// Remove Non secure access to secure devices
TZPCClearDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_0,
ARM_VE_DECPROT_BIT_TZPC | ARM_VE_DECPROT_BIT_DMC_TZASC | ARM_VE_DECPROT_BIT_NMC_TZASC | ARM_VE_DECPROT_BIT_SMC_TZASC);
TZPCClearDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_2,
ARM_VE_DECPROT_BIT_EXT_MAST_TZ | ARM_VE_DECPROT_BIT_DMC_TZASC_LOCK | ARM_VE_DECPROT_BIT_NMC_TZASC_LOCK | ARM_VE_DECPROT_BIT_SMC_TZASC_LOCK);
//
// Setup TZ Address Space Controller for the SMC. Create 5 Non Secure regions (NOR0, NOR1, SRAM, SMC Peripheral regions)
//
// NOR Flash 0 non secure (BootMon)
TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
ARM_VE_SMB_NOR0_BASE,0,
TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
// NOR Flash 1. The first half of the NOR Flash1 must be secure for the secure firmware (sec_uefi.bin)
#if EDK2_ARMVE_SECURE_SYSTEM
//Note: Your OS Kernel must be aware of the secure regions before to enable this region
TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
#else
TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
ARM_VE_SMB_NOR1_BASE,0,
TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
#endif
// Base of SRAM. Only half of SRAM in Non Secure world
// First half non secure (16MB) + Second Half secure (16MB) = 32MB of SRAM
#if EDK2_ARMVE_SECURE_SYSTEM
//Note: Your OS Kernel must be aware of the secure regions before to enable this region
TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
ARM_VE_SMB_SRAM_BASE,0,
TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
#else
TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
ARM_VE_SMB_SRAM_BASE,0,
TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
#endif
// Memory Mapped Peripherals. All in non secure world
TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
ARM_VE_SMB_PERIPH_BASE,0,
TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
// MotherBoard Peripherals and On-chip peripherals.
TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
}
/**
Initialize controllers that must setup at the early stage
Some peripherals must be initialized in Secure World.
For example, some L2x0 requires to be initialized in Secure World
**/
VOID
ArmPlatformSecInitialize (
VOID
) {
// The L2x0 controller must be intialize in Secure World
L2x0CacheInit(PcdGet32(PcdL2x0ControllerBase),
PL310_TAG_LATENCIES(L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES),
PL310_DATA_LATENCIES(L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES,L2x0_LATENCY_8_CYCLES),
0,~0, // Use default setting for the Auxiliary Control Register
FALSE);
// Initialize the System Configuration
ArmPlatformSysConfigInitialize ();
}
Reference in New Issue View Git Blame Copy Permalink