The commit d76f012ea8 ("refactor(imx8m): replace magic number with
enum type") also hardcodes the domain permissions configuration for the
UARTs, causing a regression for any board using a boot console different
from UART2. Indeed, previously, the RDC_PDAP_UARTn registers were set to
the reset value (0xff), meaning all domains were enabled for read and
write access.
This patch fixes this regression by ensuring that the console always has
read/write access enabled for domain 0.
Tested on a i.MX8MN BSH SMM S2 PRO board.
Fixes: d76f012ea8 ("refactor(imx8m): replace magic number with enum type")
Change-Id: I2670bf485372f32ef45cebb72a7694a9a800f417
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Optionally take params from BL2 to offer more flexibility to BL2 on
where and if a BL32 image is expected. This uses imx_bl31_params_parse()
to check if arg0 can safely be accessed as a pointer and actually
contains a bl_params_t structure. If not, the hardcoded parameter
values are used as before.
Change-Id: I06b3012c67e43ea1e42946d863226bd93ccd4638
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This restricts and locks all security relevant peripherals to only be
changeable by the secure world. Otherwise the normal world can simply
change the access settings and defeat all security measures put in
place.
Change-Id: I484a2c8164e58b68256d829470e00d5ec473e266
Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
This sets and locks all peripheral type-1 masters, except CAAM, access
as non-secure, so that they can't access secure world resources from the
normal world.
The CAAM itself is TrustZone aware and handles memory access between the
normal world and the secure world on its own. Pinning it as non-secure
access results in bus aborts if the secure memory region is protected by
the TZASC380.
Change-Id: Idba4d8a491ccce0491489c61e73545baab1889c4
Signed-off-by: Stefan Kerkmann <s.kerkmann@pengutronix.de>
Always map the BL32 memory can interfere with the BL33 mapping if the
BL33 is not aware of the mapping, e.g. different memory tagging
secure/non-secure. Therefore map the memory only if BL32 (opteed,
trusty) is enabled and BL33 is aware of this memory mapping.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I9c2bf78aa6e88c93e749a9248724186fee9df864
Allow non-privileged access to all SNVS registers in case of no TEE is
available.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I44686a3639a68c72c7eacc80691c294d5c32c9ae
Switch from IMX_BOOT_UART_BASE=0 to IMX_BOOT_UART_BASE=auto to make it
more obvious that the detection is based on the runtime autodetection.
In addition this moves the evaluation of IMX_BOOT_UART_BASE into the
makefile which removes the ugly conditional compilation as well.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I92c13607bf81c6267f4b6aee829d74902b7f72d2
Provide a helper to detect the enabled UART device during runtime. This
lower the integration effort and make it more straight forward for
'simple' use-cases with a single UART enabled. If multiple UARTs are
enabled the first enabled is returned.
The auto-detection is enabled by setting IMX_BOOT_UART_BASE=0 to keep
the backward compatibility. For more advanced use-cases (multiple UARTs
are enabled) the user still has to provide the correct base address.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I300a167e1a10f9aa991c8d1c3efe2c6b23f56c47
Enable PIE support so the BL31 firmware can be loaded from anywhere
within the OCRAM (SRAM). For the PIE support we only need to replace the
BL31_BASE define by the BL31_START symbol which is a relocatable and we
need to enable it by setting ENABLE_PIE := 1.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I52e654917167f0faf6aa437da233d8faf1f2bb26
No functional change.
Introduce BLx_SIZE defines and calculate the limits based on the
BLx_BASE and the BLx_SIZE define. Also make use of SZ_128K to make it
easier to read. This is required for later BL31 PIE support since it
drops the calculation based on the BL31_LIMIT and BL31_BASE.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I8670faa5d5a572ef230011594f3d0d594fb257d9
No functional change. Use the setup_page_tables() helper function which
does the three calls for us. Also the function has some logging support
which will be nice during debugging.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: Ic465491ff5468e812e805de56be3b6b92d245080
No functional change.
Introduce the bl_regions array to gather all regions and make use of the
MAP_REGION_FLAT() macro. The array is than passed to mmap_add() to map
all regions. While on it introduce some defines so the addr, size and
flags can be read more easily.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I9f0ae9fc89514db71bef734b867c46574833831c
In order for HAB to perform operations, memory regions has to be mapped
in TF-A, which HAB ROM code would use internally.
Include those memory blocks for i.MX8MM SoC. Of a special note, the DRAM
block is mapped with complete size available on the platform and uses
MT_RW attributes, this is required to minimize the size of translation
tables and provide a possibility to exchange the execution results
between EL3 and EL1&2, see details in [1].
Link: [1]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/16880
Signed-off-by: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com>
Change-Id: I6a3a3d7105b85c2f4ab6ea6cfbca67c9a325eb11
CAAM provides serial output during initialization, but the serial init
occurs after CAAM. This leads to serial output produced by CAAM init
function to be omitted and not displayed.
Change the order of initialization and call CAAM init after Serial. This
has no impact as Serial does not require CAAM to be initialized upfront.
Fixes: 2502709f60 ("plat: imx8m: Add caam module init on imx8m")
Signed-off-by: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com>
Cc: Jacky Bai <ping.bai@nxp.com>
Change-Id: I09c0a5474a1babfb0b53c4455891689ec08b5bdb
Add trusty support for imx8mm, default load address
and size of trusty are 0xbe000000 anx 0x2000000.
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I3f8b1adc08933e38a39f1ab1723947319d19a703
spd trusty requires memory dynamic mapping feature to be
enabled, so we have to use xlat table library v2 instead
of v1.
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I2813af9c7878b1fc2a59e27619c5b643af6a1e91
Enable the CSU init on i.MX8M SoC family. The 'csu_cfg' array
is just a placeholder for now as example with limited config listed.
In real use case,user can add the CSU config as needed based on system design.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I1f7999efa346f18f6625ed8c478d088ed75f7833
Replace those RDC config related magic numbers with enum type
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I6245ccfa74d079179dc0f205980c2daf5c7af786
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I058f793e4024fa7291e432f5be374a77faf16f36
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Add the basic support for opteed SPD on imx8mq & imx8mm.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I6c4855c89dea78d13d172c3d86cf047f829e51ce
Add the basic support for RDC init/config driver,
this module driver can be enhanced more if necessary.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I290dc378d0d85671435f9de46d5aa790b4e006c8
CAAM module must be initialized in secure world
before it can be used in non-secure world.
Change-Id: I042893667ddef99d8b6fc3902847d516d8591996
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
AIPSTZ provide access control for all the peripherals connected
to it. In this patch all the perperals are configured accessible
to all the master. it can be customized based the actual use
case.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I5ef5baa1da6906f13a60923d27ede336c61e319a
The i.MX8M Mini is new SOC of the i.MX8M family. it is
focused on delivering the latest and greatest video and
audio experience combining state-of-the-art media-specific
features with high-performance processing while optimized
for lowest power consumption. The i.MX 8M Mini Media Applications
Processor is 14nm FinFET product of the growing i.MX8M family
targeting the consumer & industrial market. It is built in 14LPP
to achieve both high performance and low power consumption
and relies on a powerful fully coherent core complex based on
a quad Cortex-A53 cluster with video and graphics accelerators
this patch add the basic support for i.MX8MM.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
