#include <mmio.h>
#include <platform.h>
#include <platform_def.h>
-#include <tzc400.h>
#include "../../bl1/bl1_private.h"
#include "juno_def.h"
#include "juno_private.h"
}
-static void init_tzc400(void)
-{
- /* Enable all filter units available */
- mmio_write_32(TZC400_BASE + GATE_KEEPER_OFF, 0x0000000f);
-
- /*
- * Secure read and write are enabled for region 0, and the background
- * region (region 0) is enabled for all four filter units
- */
- mmio_write_32(TZC400_BASE + REGION_ATTRIBUTES_OFF, 0xc0000000);
-
- /*
- * Enable Non-secure read/write accesses for the Soc Devices from the
- * Non-Secure World
- */
- mmio_write_32(TZC400_BASE + REGION_ID_ACCESS_OFF,
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CCI400) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_PCIE) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD0) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD1) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_USB) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_DMA330) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_THINLINKS) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_AP) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_SCP) |
- TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT)
- );
-}
-
#define PCIE_SECURE_REG 0x3000
#define PCIE_SEC_ACCESS_MASK ((1 << 0) | (1 << 1)) /* REG and MEM access bits */
void bl1_platform_setup(void)
{
init_nic400();
- init_tzc400();
init_pcie();
/* Initialise the IO layer and register platform IO devices */
--- /dev/null
+/*
+ * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <debug.h>
+#include <tzc400.h>
+#include "juno_def.h"
+
+/*******************************************************************************
+ * Initialize the TrustZone Controller. Configure Region 0 with Secure RW access
+ * and allow Non-Secure masters full access
+ ******************************************************************************/
+static void init_tzc400(void)
+{
+ tzc_init(TZC400_BASE);
+
+ /* Disable filters. */
+ tzc_disable_filters();
+
+ /* Configure region 0. Juno TZC-400 handles 40-bit addresses. */
+ tzc_configure_region(0xf, 0, 0x0ull, 0xffffffffffull,
+ TZC_REGION_S_RDWR,
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CCI400) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_PCIE) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD0) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_HDLCD1) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_USB) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_DMA330) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_THINLINKS) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_AP) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_GPU) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_SCP) |
+ TZC_REGION_ACCESS_RDWR(TZC400_NSAID_CORESIGHT));
+
+ /* Raise an exception if a NS device tries to access secure memory */
+ tzc_set_action(TZC_ACTION_ERR);
+
+ /* Enable filters. */
+ tzc_enable_filters();
+}
+
+/*******************************************************************************
+ * Initialize the secure environment. At this moment only the TrustZone
+ * Controller is initialized.
+ ******************************************************************************/
+void plat_security_setup(void)
+{
+ /* Initialize the TrustZone Controller */
+ init_tzc400();
+}