From 71a844453735d93c389969f6b781673654936029 Mon Sep 17 00:00:00 2001 From: Dan Handley Date: Thu, 19 Mar 2015 19:26:52 +0000 Subject: [PATCH] Add TZC function to configure region 0 Region 0 is special in TZC-400. It is possible to set the access permissions for this but not the address range or filters to which the permissions apply. Add a function for setting the region 0 access permissions. Also add some VERBOSE logging and allow assembly files to include the TZC header. Change-Id: I4389261ba10a6e5e2e43ee93d55318dc507b6648 --- drivers/arm/tzc400/tzc400.c | 41 ++++++++++++++++++++++++++++++++---- include/drivers/arm/tzc400.h | 12 ++++++++--- 2 files changed, 46 insertions(+), 7 deletions(-) diff --git a/drivers/arm/tzc400/tzc400.c b/drivers/arm/tzc400/tzc400.c index df52c9cf..cb89fda4 100644 --- a/drivers/arm/tzc400/tzc400.c +++ b/drivers/arm/tzc400/tzc400.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -191,15 +191,41 @@ void tzc_init(uint64_t base) BUILD_CONFIG_NR_MASK) + 1; } +/* + * `tzc_configure_region0` is used to program region 0 into the TrustZone + * controller. Region 0 covers the whole address space that is not mapped + * to any other region, and is enabled on all filters; this cannot be + * changed. This function only changes the access permissions. + */ +void tzc_configure_region0(tzc_region_attributes_t sec_attr, + uint32_t ns_device_access) +{ + assert(tzc.base); + + VERBOSE("TZC : Configuring region 0 (sec_attr=0x%x, ns_devs=0x%x)\n", + sec_attr, ns_device_access); + + assert(sec_attr <= TZC_REGION_S_RDWR); + + /* Set secure attributes on region 0 */ + tzc_write_region_attributes(tzc.base, 0, + sec_attr << REG_ATTR_SEC_SHIFT); + + /* + * Specify which non-secure devices have permission to access + * region 0. + */ + tzc_write_region_id_access(tzc.base, 0, ns_device_access); +} + /* * `tzc_configure_region` is used to program regions into the TrustZone * controller. A region can be associated with more than one filter. The * associated filters are passed in as a bitmap (bit0 = filter0). * NOTE: - * The region 0 covers the whole address space and is enabled on all filters, - * this cannot be changed. It is, however, possible to change some region 0 - * permissions. + * Region 0 is special; it is preferable to use tzc_configure_region0 + * for this region (see comment for that function). */ void tzc_configure_region(uint32_t filters, uint8_t region, @@ -210,6 +236,13 @@ void tzc_configure_region(uint32_t filters, { assert(tzc.base); + VERBOSE("TZC : Configuring region (filters=0x%x, region=%d, ...\n", + filters, region); + VERBOSE("TZC : ... base=0x%lx, top=0x%lx, ...\n", + region_base, region_top); + VERBOSE("TZC : ... sec_attr=0x%x, ns_devs=0x%x)\n", + sec_attr, ns_device_access); + /* Do range checks on filters and regions. */ assert(((filters >> tzc.num_filters) == 0) && (region < tzc.num_regions)); diff --git a/include/drivers/arm/tzc400.h b/include/drivers/arm/tzc400.h index d62e67bc..7b951d22 100644 --- a/include/drivers/arm/tzc400.h +++ b/include/drivers/arm/tzc400.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -31,7 +31,6 @@ #ifndef __TZC400_H__ #define __TZC400_H__ -#include #define BUILD_CONFIG_OFF 0x000 #define ACTION_OFF 0x004 @@ -148,9 +147,13 @@ #define TZC_REGION_ACCESS_RDWR(id) \ (TZC_REGION_ACCESS_RD(id) | TZC_REGION_ACCESS_WR(id)) -/* Filters are bit mapped 0 to 3. */ #define TZC400_COMPONENT_ID 0xb105f00d + +#ifndef __ASSEMBLY__ + +#include + /******************************************************************************* * Function & variable prototypes ******************************************************************************/ @@ -187,6 +190,8 @@ typedef enum { void tzc_init(uint64_t base); +void tzc_configure_region0(tzc_region_attributes_t sec_attr, + uint32_t ns_device_access); void tzc_configure_region(uint32_t filters, uint8_t region, uint64_t region_base, @@ -197,5 +202,6 @@ void tzc_enable_filters(void); void tzc_disable_filters(void); void tzc_set_action(tzc_action_t action); +#endif /* __ASSEMBLY__ */ #endif /* __TZC400__ */ -- 2.30.2