CTCaer/switch-l4t-atf
1
0
Fork 0
mirror of https://github.com/CTCaer/switch-l4t-atf.git synced 2024-12-12 12:46:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Juno: Add support for TrustZone Media Protection 1 (TZMP1)

Browse Source 
Add TZMP1 support on Juno and increase the BL2 size accordingly due to the
extra data structures to describe the TZC regions and the additional code.

Signed-off-by: Summer Qin <summer.qin@arm.com>
This commit is contained in:
Summer Qin 2018-03-02 15:51:14 +08:00
parent 23411d2c4a
commit 60a23fd8de
5 changed files with 179 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/user-guide.rst
View File

@ -783,6 +783,12 @@ Arm FVP platform specific build options
HW_CONFIG blob instead of the DTS file. This option is useful to override
the default HW_CONFIG selected by the build system.
ARM JUNO platform specific build options
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- ``JUNO_TZMP1`` : Boolean option to configure Juno to be used for TrustZone
Media Protection (TZ-MP1). Default value of this flag is 0.
Debugging options
~~~~~~~~~~~~~~~~~

4
plat/arm/board/juno/include/platform_def.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -115,7 +115,7 @@
# define PLAT_ARM_MAX_BL2_SIZE 0x1B000
#endif
#else
# define PLAT_ARM_MAX_BL2_SIZE 0xD000
# define PLAT_ARM_MAX_BL2_SIZE 0xE000
#endif
/*

79
plat/arm/board/juno/juno_security.c
View File

@ -4,12 +4,77 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <debug.h>
#include <mmio.h>
#include <nic_400.h>
#include <plat_arm.h>
#include <soc_css.h>
#include "juno_def.h"
#include "juno_def.h"
#include "juno_tzmp1_def.h"
#ifdef JUNO_TZMP1
/*
* Protect buffer for VPU/GPU/DPU memory usage with hardware protection
* enabled. Propose 224MB video output, 96 MB video input and 32MB video
* private.
*
* Ind Memory Range Caption S_ATTR NS_ATTR
* 1 0x080000000 - 0x0E7FFFFFF ARM_NS_DRAM1 NONE RDWR | MEDIA_RW
* 2 0x0E8000000 - 0x0F5FFFFFF JUNO_MEDIA_TZC_PROT_DRAM1 NONE MEDIA_RW | AP_WR
* 3 0x0F6000000 - 0x0FBFFFFFF JUNO_VPU_TZC_PROT_DRAM1 RDWR VPU_PROT_RW
* 4 0x0FC000000 - 0x0FDFFFFFF JUNO_VPU_TZC_PRIV_DRAM1 RDWR VPU_PRIV_RW
* 5 0x0FE000000 - 0x0FEFFFFFF JUNO_AP_TZC_SHARE_DRAM1 NONE RDWR | MEDIA_RW
* 6 0x0FF000000 - 0x0FFFFFFFF ARM_AP_TZC_DRAM1 RDWR NONE
* 7 0x880000000 - 0x9FFFFFFFF ARM_DRAM2 NONE RDWR | MEDIA_RW
*
* Memory regions are neighbored to save limited TZC regions. Calculation
* started from ARM_TZC_SHARE_DRAM1 since it is known and fixed for both
* protected-enabled and protected-disabled settings.
*
* Video private buffer aheads of ARM_TZC_SHARE_DRAM1
*/
static const arm_tzc_regions_info_t juno_tzmp1_tzc_regions[] = {
{ARM_AP_TZC_DRAM1_BASE, ARM_AP_TZC_DRAM1_END, TZC_REGION_S_RDWR, 0},
{JUNO_NS_DRAM1_PT1_BASE, JUNO_NS_DRAM1_PT1_END,
TZC_REGION_S_NONE, JUNO_MEDIA_TZC_NS_DEV_ACCESS},
{JUNO_MEDIA_TZC_PROT_DRAM1_BASE, JUNO_MEDIA_TZC_PROT_DRAM1_END,
TZC_REGION_S_NONE, JUNO_MEDIA_TZC_PROT_ACCESS},
{JUNO_VPU_TZC_PROT_DRAM1_BASE, JUNO_VPU_TZC_PROT_DRAM1_END,
TZC_REGION_S_RDWR, JUNO_VPU_TZC_PROT_ACCESS},
{JUNO_VPU_TZC_PRIV_DRAM1_BASE, JUNO_VPU_TZC_PRIV_DRAM1_END,
TZC_REGION_S_RDWR, JUNO_VPU_TZC_PRIV_ACCESS},
{JUNO_AP_TZC_SHARE_DRAM1_BASE, JUNO_AP_TZC_SHARE_DRAM1_END,
TZC_REGION_S_NONE, JUNO_MEDIA_TZC_NS_DEV_ACCESS},
{ARM_DRAM2_BASE, ARM_DRAM2_END,
TZC_REGION_S_NONE, JUNO_MEDIA_TZC_NS_DEV_ACCESS},
{},
};
/*******************************************************************************
* Program dp650 to configure NSAID value for protected mode.
******************************************************************************/
static void init_dp650(void)
{
mmio_write_32(DP650_BASE + DP650_PROT_NSAID_OFFSET,
DP650_PROT_NSAID_CONFIG);
}
/*******************************************************************************
* Program v550 to configure NSAID value for protected mode.
******************************************************************************/
static void init_v550(void)
{
/*
* bits[31:28] is for PRIVATE,
* bits[27:24] is for OUTBUF,
* bits[23:20] is for PROTECTED.
*/
mmio_write_32(V550_BASE + V550_PROTCTRL_OFFSET, V550_PROTCTRL_CONFIG);
}
#endif /* JUNO_TZMP1 */
/*******************************************************************************
* Set up the MMU-401 SSD tables. The power-on configuration has all stream IDs
@ -59,11 +124,23 @@ void plat_arm_security_setup(void)
/* Initialize debug configuration */
init_debug_cfg();
/* Initialize the TrustZone Controller */
#ifdef JUNO_TZMP1
arm_tzc400_setup(juno_tzmp1_tzc_regions);
INFO("TZC protected shared memory base address for TZMP usecase: %p\n",
(void *)JUNO_AP_TZC_SHARE_DRAM1_BASE);
INFO("TZC protected shared memory end address for TZMP usecase: %p\n",
(void *)JUNO_AP_TZC_SHARE_DRAM1_END);
#else
arm_tzc400_setup(NULL);
#endif
/* Do ARM CSS internal NIC setup */
css_init_nic400();
/* Do ARM CSS SoC security setup */
soc_css_security_setup();
/* Initialize the SMMU SSD tables */
init_mmu401();
#ifdef JUNO_TZMP1
init_dp650();
init_v550();
#endif
}

85
plat/arm/board/juno/juno_tzmp1_def.h Normal file
View File

@ -0,0 +1,85 @@
/*
* Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef __JUNO_TZMP1_DEF_H__
#define __JUNO_TZMP1_DEF_H__
#include <plat_arm.h>
/*
* Public memory regions for both protected and non-protected mode
*
* OPTEE shared memory 0xFEE00000 - 0xFEFFFFFF
*/
#define JUNO_AP_TZC_SHARE_DRAM1_SIZE ULL(0x02000000)
#define JUNO_AP_TZC_SHARE_DRAM1_BASE (ARM_AP_TZC_DRAM1_BASE - \
JUNO_AP_TZC_SHARE_DRAM1_SIZE)
#define JUNO_AP_TZC_SHARE_DRAM1_END (ARM_AP_TZC_DRAM1_BASE - 1)
/* ARM_MEDIA_FEATURES for MEDIA GPU Protect Mode Test */
#define JUNO_TZC400_NSAID_FPGA_MEDIA_SECURE 8 /* GPU/DPU protected, VPU outbuf */
#define JUNO_TZC400_NSAID_FPGA_VIDEO_PROTECTED 7 /* VPU protected */
#define JUNO_TZC400_NSAID_FPGA_VIDEO_PRIVATE 10 /* VPU private (firmware) */
#define JUNO_VPU_TZC_PRIV_DRAM1_SIZE ULL(0x02000000)
#define JUNO_VPU_TZC_PRIV_DRAM1_BASE (JUNO_AP_TZC_SHARE_DRAM1_BASE - \
JUNO_VPU_TZC_PRIV_DRAM1_SIZE)
#define JUNO_VPU_TZC_PRIV_DRAM1_END (JUNO_AP_TZC_SHARE_DRAM1_BASE - 1)
/* Video input protected buffer follows upper item */
#define JUNO_VPU_TZC_PROT_DRAM1_SIZE ULL(0x06000000)
#define JUNO_VPU_TZC_PROT_DRAM1_BASE (JUNO_VPU_TZC_PRIV_DRAM1_BASE - \
JUNO_VPU_TZC_PROT_DRAM1_SIZE)
#define JUNO_VPU_TZC_PROT_DRAM1_END (JUNO_VPU_TZC_PRIV_DRAM1_BASE - 1)
/* Video, graphics and display shares same NSAID and same protected buffer */
#define JUNO_MEDIA_TZC_PROT_DRAM1_SIZE ULL(0x0e000000)
#define JUNO_MEDIA_TZC_PROT_DRAM1_BASE (JUNO_VPU_TZC_PROT_DRAM1_BASE - \
JUNO_MEDIA_TZC_PROT_DRAM1_SIZE)
#define JUNO_MEDIA_TZC_PROT_DRAM1_END (JUNO_VPU_TZC_PROT_DRAM1_BASE - 1)
/* Rest of DRAM1 are Non-Secure public buffer */
#define JUNO_NS_DRAM1_PT1_BASE ARM_DRAM1_BASE
#define JUNO_NS_DRAM1_PT1_END (JUNO_MEDIA_TZC_PROT_DRAM1_BASE - 1)
#define JUNO_NS_DRAM1_PT1_SIZE (JUNO_NS_DRAM1_PT1_END - \
JUNO_NS_DRAM1_PT1_BASE + 1)
/* TZC filter flags */
#define JUNO_MEDIA_TZC_NS_DEV_ACCESS (PLAT_ARM_TZC_NS_DEV_ACCESS | \
TZC_REGION_ACCESS_RD(JUNO_TZC400_NSAID_FPGA_MEDIA_SECURE))
/* VPU / GPU /DPU protected access */
#define JUNO_MEDIA_TZC_PROT_ACCESS \
(TZC_REGION_ACCESS_RDWR(JUNO_TZC400_NSAID_FPGA_MEDIA_SECURE) | \
TZC_REGION_ACCESS_WR(TZC400_NSAID_AP))
#define JUNO_VPU_TZC_PROT_ACCESS \
(TZC_REGION_ACCESS_RDWR(JUNO_TZC400_NSAID_FPGA_VIDEO_PROTECTED))
#define JUNO_VPU_TZC_PRIV_ACCESS \
(TZC_REGION_ACCESS_RDWR(JUNO_TZC400_NSAID_FPGA_VIDEO_PRIVATE))
/*******************************************************************************
* Mali-DP650 related constants
******************************************************************************/
/* Base address of DP650 */
#define DP650_BASE 0x6f200000
/* offset to PROT_NSAID register */
#define DP650_PROT_NSAID_OFFSET 0x10004
/* config to PROT_NSAID register */
#define DP650_PROT_NSAID_CONFIG 0x08008888
/*******************************************************************************
* Mali-V550 related constants
******************************************************************************/
/* Base address of V550 */
#define V550_BASE 0x6f030000
/* offset to PROTCTRL register */
#define V550_PROTCTRL_OFFSET 0x0040
/* config to PROTCTRL register */
#define V550_PROTCTRL_CONFIG 0xa8700000
#endif /* __JUNO_TZMP1_DEF_H__ */

9
plat/arm/board/juno/platform.mk
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved.
# Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@ -31,6 +31,13 @@ JUNO_AARCH32_EL3_RUNTIME := 0
$(eval $(call assert_boolean,JUNO_AARCH32_EL3_RUNTIME))
$(eval $(call add_define,JUNO_AARCH32_EL3_RUNTIME))
# Flag to enable support for TZMP1 on JUNO
JUNO_TZMP1 := 0
$(eval $(call assert_boolean,JUNO_TZMP1))
ifeq (${JUNO_TZMP1}, 1)
$(eval $(call add_define,JUNO_TZMP1))
endif
ifeq (${JUNO_AARCH32_EL3_RUNTIME}, 1)
# Include BL32 in FIP
NEED_BL32 := yes