mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-17 01:54:22 +00:00
7e532c4bf7
Reference code: ============== rar_gen3: IPL and Secure Monitor Rev1.0.22 https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3] Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com> Date: Thu Aug 30 21:26:41 2018 +0900 Update IPL and Secure Monitor Rev1.0.22 General Information: =================== This port has been tested on the Salvator-X Soc_id r8a7795 revision ES1.1 (uses an SPD). Build Tested: ------------- ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1" MBEDTLS_DIR=$mbedtls $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed Other dependencies: ------------------ * mbed_tls: git@github.com:ARMmbed/mbedtls.git [devel] Merge: 68dbc94 f34a4c1 Author: Simon Butcher <simon.butcher@arm.com> Date: Thu Aug 30 00:57:28 2018 +0100 * optee_os: https://github.com/BayLibre/optee_os Until it gets merged into OP-TEE, the port requires Renesas' Trusted Environment with a modification to support power management. Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com> Date: Thu Aug 30 16:49:49 2018 +0200 plat-rcar: cpu-suspend: handle the power level Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com> * u-boot: The port has beent tested using mainline uboot. Author: Fabio Estevam <festevam@gmail.com> Date: Tue Sep 4 10:23:12 2018 -0300 *linux: The port has beent tested using mainline kernel. Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Sun Sep 16 11:52:37 2018 -0700 Linux 4.19-rc4 Overview --------- BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered at this exception level (the Renesas' ATF reference tree [1] resets into EL1 before entering BL2 - see its bl2.ld.S) BL2 initializes DDR (and i2c to talk to the PMIC on some platforms) before determining the boot reason (cold or warm). During suspend all CPUs are switched off and the DDR is put in backup mode (some kind of self-refresh mode). This means that BL2 is always entered in a cold boot scenario. Once BL2 boots, it determines the boot reason, writes it to shared memory (BOOT_KIND_BASE) together with the BL31 parameters (PARAMS_BASE) and jumps to BL31. To all effects, BL31 is as if it is being entered in reset mode since it still needs to initialize the rest of the cores; this is the reason behind using direct shared memory access to BOOT_KIND_BASE and PARAMS_BASE instead of using registers to get to those locations (see el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use case). Depending on the boot reason BL31 initializes the rest of the cores: in case of suspend, it uses a MBOX memory region to recover the program counters. [1] https://github.com/renesas-rcar/arm-trusted-firmware Tests ----- * cpuidle ------- enable kernel's cpuidle arm_idle driver and boot * system suspend -------------- $ cat suspend.sh #!/bin/bash i2cset -f -y 7 0x30 0x20 0x0F read -p "Switch off SW23 and press return " foo echo mem > /sys/power/state * cpu hotplug: ------------ $ cat offline.sh #!/bin/bash nbr=$1 echo 0 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline $ cat online.sh #!/bin/bash nbr=$1 echo 1 > /sys/devices/system/cpu/cpu$nbr/online printf "ONLINE: " && cat /sys/devices/system/cpu/online printf "OFFLINE: " && cat /sys/devices/system/cpu/offline Signed-off-by: ldts <jramirez@baylibre.com>
347 lines
15 KiB
C
347 lines
15 KiB
C
/*
|
|
* Copyright (c) 2015-2018, Renesas Electronics Corporation. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#include "axi_registers.h"
|
|
#include "lifec_registers.h"
|
|
#include "micro_delay.h"
|
|
#include "mmio.h"
|
|
#include "utils_def.h"
|
|
|
|
static void lifec_security_setting(void);
|
|
static void axi_security_setting(void);
|
|
|
|
static const struct {
|
|
uint32_t reg;
|
|
uint32_t val;
|
|
} lifec[] = {
|
|
/** LIFEC0 (SECURITY) settings */
|
|
/* Security attribute setting for master ports */
|
|
/* Bit 0: ARM realtime core (Cortex-R7) master port */
|
|
/* 0: Non-Secure */
|
|
{
|
|
SEC_SRC, 0x0000001EU},
|
|
/** Security attribute setting for slave ports 0 to 15 */
|
|
/* {SEC_SEL0, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL1, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL2, 0xFFFFFFFFU}, */
|
|
/* Bit19: AXI-Bus (Main Memory domain AXI) slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
/* Bit 9: DBSC4 register access slave ports. */
|
|
/* 0: registers accessed from secure resource only. */
|
|
#if (LIFEC_DBSC_PROTECT_ENABLE == 1)
|
|
{
|
|
SEC_SEL3, 0xFFF7FDFFU},
|
|
#else
|
|
{
|
|
SEC_SEL3, 0xFFFFFFFFU},
|
|
#endif
|
|
/* {SEC_SEL4, 0xFFFFFFFFU}, */
|
|
/* Bit 6: Boot ROM slave ports. */
|
|
/* 0: registers accessed from secure resource only */
|
|
{
|
|
SEC_SEL5, 0xFFFFFFBFU},
|
|
/* Bit13: SCEG PKA (secure APB) slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
/* 1: Reserved[R-Car E3] */
|
|
/* Bit12: SCEG PKA (public APB) slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
/* 1: Reserved[R-Car E3] */
|
|
/* Bit10: SCEG Secure Core slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
#if RCAR_LSI == RCAR_E3
|
|
{
|
|
SEC_SEL6, 0xFFFFFBFFU},
|
|
#else
|
|
{
|
|
SEC_SEL6, 0xFFFFCBFFU},
|
|
#endif
|
|
/* {SEC_SEL7, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL8, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL9, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL10, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL11, 0xFFFFFFFFU}, */
|
|
/* {SEC_SEL12, 0xFFFFFFFFU}, */
|
|
/* Bit22: RPC slave ports. */
|
|
/* 0: registers accessed from secure resource only. */
|
|
/* {SEC_SEL13, 0xFFBFFFFFU},*/
|
|
/* Bit27: System Timer (SCMT) slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
/* Bit26: System Watchdog Timer (SWDT) slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
{
|
|
SEC_SEL14, 0xF3FFFFFFU},
|
|
/* Bit13: RST slave ports. */
|
|
/* 0: registers accessed from secure resource only */
|
|
/* Bit 7: Life Cycle 0 slave ports */
|
|
/* 0: registers accessed from secure resource only */
|
|
{
|
|
SEC_SEL15, 0xFFFFFF3FU},
|
|
/** Security group 0 attribute setting for master ports 0 */
|
|
/** Security group 1 attribute setting for master ports 0 */
|
|
/* {SEC_GRP0CR0, 0x00000000U}, */
|
|
/* {SEC_GRP1CR0, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for master ports 1 */
|
|
/** Security group 1 attribute setting for master ports 1 */
|
|
/* {SEC_GRP0CR1, 0x00000000U}, */
|
|
/* {SEC_GRP1CR1, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for master ports 2 */
|
|
/** Security group 1 attribute setting for master ports 2 */
|
|
/* Bit17: SCEG Secure Core master ports. */
|
|
/* SecurityGroup3 */
|
|
{
|
|
SEC_GRP0CR2, 0x00020000U}, {
|
|
SEC_GRP1CR2, 0x00020000U},
|
|
/** Security group 0 attribute setting for master ports 3 */
|
|
/** Security group 1 attribute setting for master ports 3 */
|
|
/* {SEC_GRP0CR3, 0x00000000U}, */
|
|
/* {SEC_GRP1CR3, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 0 */
|
|
/** Security group 1 attribute setting for slave ports 0 */
|
|
/* {SEC_GRP0COND0, 0x00000000U}, */
|
|
/* {SEC_GRP1COND0, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 1 */
|
|
/** Security group 1 attribute setting for slave ports 1 */
|
|
/* {SEC_GRP0COND1, 0x00000000U}, */
|
|
/* {SEC_GRP1COND1, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 2 */
|
|
/** Security group 1 attribute setting for slave ports 2 */
|
|
/* {SEC_GRP0COND2, 0x00000000U}, */
|
|
/* {SEC_GRP1COND2, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 3 */
|
|
/** Security group 1 attribute setting for slave ports 3 */
|
|
/* Bit19: AXI-Bus (Main Memory domain AXI) slave ports. */
|
|
/* SecurityGroup3 */
|
|
/* Bit 9: DBSC4 register access slave ports. */
|
|
/* SecurityGroup3 */
|
|
#if (LIFEC_DBSC_PROTECT_ENABLE == 1)
|
|
{
|
|
SEC_GRP0COND3, 0x00080200U}, {
|
|
SEC_GRP1COND3, 0x00080200U},
|
|
#else
|
|
{
|
|
SEC_GRP0COND3, 0x00000000U}, {
|
|
SEC_GRP1COND3, 0x00000000U},
|
|
#endif
|
|
/** Security group 0 attribute setting for slave ports 4 */
|
|
/** Security group 1 attribute setting for slave ports 4 */
|
|
/* {SEC_GRP0COND4, 0x00000000U}, */
|
|
/* {SEC_GRP1COND4, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 5 */
|
|
/** Security group 1 attribute setting for slave ports 5 */
|
|
/* Bit 6: Boot ROM slave ports */
|
|
/* SecurityGroup3 */
|
|
{
|
|
SEC_GRP0COND5, 0x00000040U}, {
|
|
SEC_GRP1COND5, 0x00000040U},
|
|
/** Security group 0 attribute setting for slave ports 6 */
|
|
/** Security group 1 attribute setting for slave ports 6 */
|
|
/* Bit13: SCEG PKA (secure APB) slave ports */
|
|
/* SecurityGroup3 */
|
|
/* Reserved[R-Car E3] */
|
|
/* Bit12: SCEG PKA (public APB) slave ports */
|
|
/* SecurityGroup3 */
|
|
/* Reserved[R-Car E3] */
|
|
/* Bit10: SCEG Secure Core slave ports */
|
|
/* SecurityGroup3 */
|
|
#if RCAR_LSI == RCAR_E3
|
|
{
|
|
SEC_GRP0COND6, 0x00000400U}, {
|
|
SEC_GRP1COND6, 0x00000400U},
|
|
#else
|
|
{
|
|
SEC_GRP0COND6, 0x00003400U}, {
|
|
SEC_GRP1COND6, 0x00003400U},
|
|
#endif
|
|
/** Security group 0 attribute setting for slave ports 7 */
|
|
/** Security group 1 attribute setting for slave ports 7 */
|
|
/* {SEC_GRP0COND7, 0x00000000U}, */
|
|
/* {SEC_GRP1COND7, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 8 */
|
|
/** Security group 1 attribute setting for slave ports 8 */
|
|
/* {SEC_GRP0COND8, 0x00000000U}, */
|
|
/* {SEC_GRP1COND8, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 9 */
|
|
/** Security group 1 attribute setting for slave ports 9 */
|
|
/* {SEC_GRP0COND9, 0x00000000U}, */
|
|
/* {SEC_GRP1COND9, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 10 */
|
|
/** Security group 1 attribute setting for slave ports 10 */
|
|
/* {SEC_GRP0COND10, 0x00000000U}, */
|
|
/* {SEC_GRP1COND10, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 11 */
|
|
/** Security group 1 attribute setting for slave ports 11 */
|
|
/* {SEC_GRP0COND11, 0x00000000U}, */
|
|
/* {SEC_GRP1COND11, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 12 */
|
|
/** Security group 1 attribute setting for slave ports 12 */
|
|
/* {SEC_GRP0COND12, 0x00000000U}, */
|
|
/* {SEC_GRP1COND12, 0x00000000U}, */
|
|
/** Security group 0 attribute setting for slave ports 13 */
|
|
/** Security group 1 attribute setting for slave ports 13 */
|
|
/* Bit22: RPC slave ports. */
|
|
/* SecurityGroup3 */
|
|
/* {SEC_GRP0COND13, 0x00400000U}, */
|
|
/* {SEC_GRP1COND13, 0x00400000U}, */
|
|
/** Security group 0 attribute setting for slave ports 14 */
|
|
/** Security group 1 attribute setting for slave ports 14 */
|
|
/* Bit26: System Timer (SCMT) slave ports */
|
|
/* SecurityGroup3 */
|
|
/* Bit27: System Watchdog Timer (SWDT) slave ports */
|
|
/* SecurityGroup3 */
|
|
{
|
|
SEC_GRP0COND14, 0x0C000000U}, {
|
|
SEC_GRP1COND14, 0x0C000000U},
|
|
/** Security group 0 attribute setting for slave ports 15 */
|
|
/** Security group 1 attribute setting for slave ports 15 */
|
|
/* Bit13: RST slave ports */
|
|
/* SecurityGroup3 */
|
|
/* Bit 7: Life Cycle 0 slave ports */
|
|
/* SecurityGroup3 */
|
|
/* Bit 6: TDBG slave ports */
|
|
/* SecurityGroup3 */
|
|
{
|
|
SEC_GRP0COND15, 0x000000C0U}, {
|
|
SEC_GRP1COND15, 0x000000C0U},
|
|
/** Security write protection attribute setting slave ports 0 */
|
|
/* {SEC_READONLY0, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 1 */
|
|
/* {SEC_READONLY1, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 2 */
|
|
/* {SEC_READONLY2, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 3 */
|
|
/* {SEC_READONLY3, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 4 */
|
|
/* {SEC_READONLY4, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 5 */
|
|
/* {SEC_READONLY5, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 6 */
|
|
/* {SEC_READONLY6, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 7 */
|
|
/* {SEC_READONLY7, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 8 */
|
|
/* {SEC_READONLY8, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 9 */
|
|
/* {SEC_READONLY9, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 10 */
|
|
/* {SEC_READONLY10, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 11 */
|
|
/* {SEC_READONLY11, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 12 */
|
|
/* {SEC_READONLY12, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 13 */
|
|
/* {SEC_READONLY13, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 14 */
|
|
/* {SEC_READONLY14, 0x00000000U}, */
|
|
/** Security write protection attribute setting slave ports 15 */
|
|
/* {SEC_READONLY15, 0x00000000U} */
|
|
};
|
|
|
|
/* AXI settings */
|
|
static const struct {
|
|
uint32_t reg;
|
|
uint32_t val;
|
|
} axi[] = {
|
|
/* DRAM protection */
|
|
/* AXI dram protected area division */
|
|
{
|
|
AXI_DPTDIVCR0, 0x0E0403F0U}, {
|
|
AXI_DPTDIVCR1, 0x0E0407E0U}, {
|
|
AXI_DPTDIVCR2, 0x0E080000U}, {
|
|
AXI_DPTDIVCR3, 0x0E080000U}, {
|
|
AXI_DPTDIVCR4, 0x0E080000U}, {
|
|
AXI_DPTDIVCR5, 0x0E080000U}, {
|
|
AXI_DPTDIVCR6, 0x0E080000U}, {
|
|
AXI_DPTDIVCR7, 0x0E080000U}, {
|
|
AXI_DPTDIVCR8, 0x0E080000U}, {
|
|
AXI_DPTDIVCR9, 0x0E080000U}, {
|
|
AXI_DPTDIVCR10, 0x0E080000U}, {
|
|
AXI_DPTDIVCR11, 0x0E080000U}, {
|
|
AXI_DPTDIVCR12, 0x0E080000U}, {
|
|
AXI_DPTDIVCR13, 0x0E080000U}, {
|
|
AXI_DPTDIVCR14, 0x0E080000U},
|
|
/* AXI dram protected area setting */
|
|
{
|
|
AXI_DPTCR0, 0x0E000000U}, {
|
|
AXI_DPTCR1, 0x0E000E0EU}, {
|
|
AXI_DPTCR2, 0x0E000000U}, {
|
|
AXI_DPTCR3, 0x0E000000U}, {
|
|
AXI_DPTCR4, 0x0E000000U}, {
|
|
AXI_DPTCR5, 0x0E000000U}, {
|
|
AXI_DPTCR6, 0x0E000000U}, {
|
|
AXI_DPTCR7, 0x0E000000U}, {
|
|
AXI_DPTCR8, 0x0E000000U}, {
|
|
AXI_DPTCR9, 0x0E000000U}, {
|
|
AXI_DPTCR10, 0x0E000000U}, {
|
|
AXI_DPTCR11, 0x0E000000U}, {
|
|
AXI_DPTCR12, 0x0E000000U}, {
|
|
AXI_DPTCR13, 0x0E000000U}, {
|
|
AXI_DPTCR14, 0x0E000000U}, {
|
|
AXI_DPTCR15, 0x0E000000U},
|
|
/* SRAM ptotection */
|
|
/* AXI sram protected area division */
|
|
{
|
|
AXI_SPTDIVCR0, 0x0E0E6304U}, {
|
|
AXI_SPTDIVCR1, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR2, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR3, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR4, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR5, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR6, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR7, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR8, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR9, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR10, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR11, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR12, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR13, 0x0E0E6360U}, {
|
|
AXI_SPTDIVCR14, 0x0E0E6360U},
|
|
/* AXI sram protected area setting */
|
|
{
|
|
AXI_SPTCR0, 0x0E000E0EU}, {
|
|
AXI_SPTCR1, 0x0E000000U}, {
|
|
AXI_SPTCR2, 0x0E000000U}, {
|
|
AXI_SPTCR3, 0x0E000000U}, {
|
|
AXI_SPTCR4, 0x0E000000U}, {
|
|
AXI_SPTCR5, 0x0E000000U}, {
|
|
AXI_SPTCR6, 0x0E000000U}, {
|
|
AXI_SPTCR7, 0x0E000000U}, {
|
|
AXI_SPTCR8, 0x0E000000U}, {
|
|
AXI_SPTCR9, 0x0E000000U}, {
|
|
AXI_SPTCR10, 0x0E000000U}, {
|
|
AXI_SPTCR11, 0x0E000000U}, {
|
|
AXI_SPTCR12, 0x0E000000U}, {
|
|
AXI_SPTCR13, 0x0E000000U}, {
|
|
AXI_SPTCR14, 0x0E000000U}, {
|
|
AXI_SPTCR15, 0x0E000000U}
|
|
};
|
|
|
|
static void lifec_security_setting(void)
|
|
{
|
|
uint32_t i;
|
|
|
|
for (i = 0; i < ARRAY_SIZE(lifec); i++)
|
|
mmio_write_32(lifec[i].reg, lifec[i].val);
|
|
}
|
|
|
|
/* SRAM/DRAM protection setting */
|
|
static void axi_security_setting(void)
|
|
{
|
|
uint32_t i;
|
|
|
|
for (i = 0; i < ARRAY_SIZE(axi); i++)
|
|
mmio_write_32(axi[i].reg, axi[i].val);
|
|
}
|
|
|
|
void bl2_secure_setting(void)
|
|
{
|
|
const uint32_t delay = 10;
|
|
|
|
lifec_security_setting();
|
|
axi_security_setting();
|
|
rcar_micro_delay(delay);
|
|
|
|
return;
|
|
}
|