* [PATCH] ARM: i.MX8M: add TrustZone Address Space Controller 380 init function
@ 2022-08-15 6:43 Ahmad Fatoum
2022-08-16 6:39 ` Sascha Hauer
0 siblings, 1 reply; 2+ messages in thread
From: Ahmad Fatoum @ 2022-08-15 6:43 UTC (permalink / raw)
To: barebox; +Cc: Ahmad Fatoum
barebox running as BL2 with OP-TEE as BL32 is expected to enable TZASC,
so access to secure memory may be restricted. Add helper functions that
can be called from lowlevel code while barebox is in EL3.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
arch/arm/mach-imx/Makefile | 1 +
arch/arm/mach-imx/include/mach/imx8m-regs.h | 1 +
arch/arm/mach-imx/include/mach/tzasc.h | 16 +++++++
arch/arm/mach-imx/tzasc.c | 47 +++++++++++++++++++++
4 files changed, 65 insertions(+)
create mode 100644 arch/arm/mach-imx/include/mach/tzasc.h
create mode 100644 arch/arm/mach-imx/tzasc.c
diff --git a/arch/arm/mach-imx/Makefile b/arch/arm/mach-imx/Makefile
index fa5133a22958..390cdaf50218 100644
--- a/arch/arm/mach-imx/Makefile
+++ b/arch/arm/mach-imx/Makefile
@@ -19,6 +19,7 @@ obj-$(CONFIG_ARCH_IMX7) += imx7.o
obj-$(CONFIG_ARCH_VF610) += vf610.o
obj-pbl-$(CONFIG_ARCH_IMX8M) += imx8m.o
lwl-$(CONFIG_ARCH_IMX8M) += atf.o romapi.o
+obj-pbl-$(CONFIG_ARCH_IMX8M) += tzasc.o
obj-$(CONFIG_IMX_IIM) += iim.o
obj-$(CONFIG_NAND_IMX) += nand.o
lwl-$(CONFIG_ARCH_IMX_EXTERNAL_BOOT_NAND) += external-nand-boot.o
diff --git a/arch/arm/mach-imx/include/mach/imx8m-regs.h b/arch/arm/mach-imx/include/mach/imx8m-regs.h
index e1c83ee01ddc..a5017faf830e 100644
--- a/arch/arm/mach-imx/include/mach/imx8m-regs.h
+++ b/arch/arm/mach-imx/include/mach/imx8m-regs.h
@@ -30,6 +30,7 @@
#define MX8M_UART4_BASE_ADDR 0x30A60000
#define MX8M_USDHC1_BASE_ADDR 0x30B40000
#define MX8M_USDHC2_BASE_ADDR 0x30B50000
+#define MX8M_TZASC_BASE_ADDR 0x32f80000
#define MX8M_DDRC_PHY_BASE_ADDR 0x3c000000
#define MX8M_DDRC_DDR_SS_GPR0 (MX8M_DDRC_PHY_BASE_ADDR + 0x01000000)
#define MX8M_DDRC_IPS_BASE_ADDR(X) (0x3d400000 + ((X) * 0x2000000))
diff --git a/arch/arm/mach-imx/include/mach/tzasc.h b/arch/arm/mach-imx/include/mach/tzasc.h
new file mode 100644
index 000000000000..724ba50ead5f
--- /dev/null
+++ b/arch/arm/mach-imx/include/mach/tzasc.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#ifndef __IMX_TZASC_H__
+#define __IMX_TZASC_H__
+
+#include <linux/types.h>
+#include <asm/system.h>
+
+void imx8mq_tzc380_init(void);
+void imx8mm_tzc380_init(void);
+void imx8mn_tzc380_init(void);
+void imx8mp_tzc380_init(void);
+
+bool tzc380_is_enabled(void);
+
+#endif
diff --git a/arch/arm/mach-imx/tzasc.c b/arch/arm/mach-imx/tzasc.c
new file mode 100644
index 000000000000..9af0b7ef65e9
--- /dev/null
+++ b/arch/arm/mach-imx/tzasc.c
@@ -0,0 +1,47 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include <mach/tzasc.h>
+#include <linux/bitops.h>
+#include <mach/imx8m-regs.h>
+#include <io.h>
+
+#define GPR_TZASC_EN BIT(0)
+#define GPR_TZASC_SWAP_ID BIT(1)
+#define GPR_TZASC_EN_LOCK BIT(16)
+
+static void enable_tzc380(bool bypass_id_swap)
+{
+ u32 __iomem *gpr = IOMEM(MX8M_IOMUXC_GPR_BASE_ADDR);
+
+ /* Enable TZASC and lock setting */
+ setbits_le32(&gpr[10], GPR_TZASC_EN);
+ setbits_le32(&gpr[10], GPR_TZASC_EN_LOCK);
+ if (bypass_id_swap)
+ setbits_le32(&gpr[10], BIT(1));
+ /*
+ * set Region 0 attribute to allow secure and non-secure
+ * read/write permission. Found some masters like usb dwc3
+ * controllers can't work with secure memory.
+ */
+ writel(0xf0000000, MX8M_TZASC_BASE_ADDR + 0x108);
+}
+
+void imx8mq_tzc380_init(void)
+{
+ enable_tzc380(false);
+}
+
+void imx8mn_tzc380_init(void) __alias(imx8mm_tzc380_init);
+void imx8mp_tzc380_init(void) __alias(imx8mm_tzc380_init);
+void imx8mm_tzc380_init(void)
+{
+ enable_tzc380(true);
+}
+
+bool tzc380_is_enabled(void)
+{
+ u32 __iomem *gpr = IOMEM(MX8M_IOMUXC_GPR_BASE_ADDR);
+
+ return (readl(&gpr[10]) & (GPR_TZASC_EN | GPR_TZASC_EN_LOCK))
+ == (GPR_TZASC_EN | GPR_TZASC_EN_LOCK);
+}
--
2.30.2
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] ARM: i.MX8M: add TrustZone Address Space Controller 380 init function
2022-08-15 6:43 [PATCH] ARM: i.MX8M: add TrustZone Address Space Controller 380 init function Ahmad Fatoum
@ 2022-08-16 6:39 ` Sascha Hauer
0 siblings, 0 replies; 2+ messages in thread
From: Sascha Hauer @ 2022-08-16 6:39 UTC (permalink / raw)
To: Ahmad Fatoum; +Cc: barebox
On Mon, Aug 15, 2022 at 08:43:25AM +0200, Ahmad Fatoum wrote:
> barebox running as BL2 with OP-TEE as BL32 is expected to enable TZASC,
> so access to secure memory may be restricted. Add helper functions that
> can be called from lowlevel code while barebox is in EL3.
>
> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> ---
> arch/arm/mach-imx/Makefile | 1 +
> arch/arm/mach-imx/include/mach/imx8m-regs.h | 1 +
> arch/arm/mach-imx/include/mach/tzasc.h | 16 +++++++
> arch/arm/mach-imx/tzasc.c | 47 +++++++++++++++++++++
> 4 files changed, 65 insertions(+)
> create mode 100644 arch/arm/mach-imx/include/mach/tzasc.h
> create mode 100644 arch/arm/mach-imx/tzasc.c
Applied, thanks
Sascha
>
> diff --git a/arch/arm/mach-imx/Makefile b/arch/arm/mach-imx/Makefile
> index fa5133a22958..390cdaf50218 100644
> --- a/arch/arm/mach-imx/Makefile
> +++ b/arch/arm/mach-imx/Makefile
> @@ -19,6 +19,7 @@ obj-$(CONFIG_ARCH_IMX7) += imx7.o
> obj-$(CONFIG_ARCH_VF610) += vf610.o
> obj-pbl-$(CONFIG_ARCH_IMX8M) += imx8m.o
> lwl-$(CONFIG_ARCH_IMX8M) += atf.o romapi.o
> +obj-pbl-$(CONFIG_ARCH_IMX8M) += tzasc.o
> obj-$(CONFIG_IMX_IIM) += iim.o
> obj-$(CONFIG_NAND_IMX) += nand.o
> lwl-$(CONFIG_ARCH_IMX_EXTERNAL_BOOT_NAND) += external-nand-boot.o
> diff --git a/arch/arm/mach-imx/include/mach/imx8m-regs.h b/arch/arm/mach-imx/include/mach/imx8m-regs.h
> index e1c83ee01ddc..a5017faf830e 100644
> --- a/arch/arm/mach-imx/include/mach/imx8m-regs.h
> +++ b/arch/arm/mach-imx/include/mach/imx8m-regs.h
> @@ -30,6 +30,7 @@
> #define MX8M_UART4_BASE_ADDR 0x30A60000
> #define MX8M_USDHC1_BASE_ADDR 0x30B40000
> #define MX8M_USDHC2_BASE_ADDR 0x30B50000
> +#define MX8M_TZASC_BASE_ADDR 0x32f80000
> #define MX8M_DDRC_PHY_BASE_ADDR 0x3c000000
> #define MX8M_DDRC_DDR_SS_GPR0 (MX8M_DDRC_PHY_BASE_ADDR + 0x01000000)
> #define MX8M_DDRC_IPS_BASE_ADDR(X) (0x3d400000 + ((X) * 0x2000000))
> diff --git a/arch/arm/mach-imx/include/mach/tzasc.h b/arch/arm/mach-imx/include/mach/tzasc.h
> new file mode 100644
> index 000000000000..724ba50ead5f
> --- /dev/null
> +++ b/arch/arm/mach-imx/include/mach/tzasc.h
> @@ -0,0 +1,16 @@
> +/* SPDX-License-Identifier: GPL-2.0-only */
> +
> +#ifndef __IMX_TZASC_H__
> +#define __IMX_TZASC_H__
> +
> +#include <linux/types.h>
> +#include <asm/system.h>
> +
> +void imx8mq_tzc380_init(void);
> +void imx8mm_tzc380_init(void);
> +void imx8mn_tzc380_init(void);
> +void imx8mp_tzc380_init(void);
> +
> +bool tzc380_is_enabled(void);
> +
> +#endif
> diff --git a/arch/arm/mach-imx/tzasc.c b/arch/arm/mach-imx/tzasc.c
> new file mode 100644
> index 000000000000..9af0b7ef65e9
> --- /dev/null
> +++ b/arch/arm/mach-imx/tzasc.c
> @@ -0,0 +1,47 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +
> +#include <mach/tzasc.h>
> +#include <linux/bitops.h>
> +#include <mach/imx8m-regs.h>
> +#include <io.h>
> +
> +#define GPR_TZASC_EN BIT(0)
> +#define GPR_TZASC_SWAP_ID BIT(1)
> +#define GPR_TZASC_EN_LOCK BIT(16)
> +
> +static void enable_tzc380(bool bypass_id_swap)
> +{
> + u32 __iomem *gpr = IOMEM(MX8M_IOMUXC_GPR_BASE_ADDR);
> +
> + /* Enable TZASC and lock setting */
> + setbits_le32(&gpr[10], GPR_TZASC_EN);
> + setbits_le32(&gpr[10], GPR_TZASC_EN_LOCK);
> + if (bypass_id_swap)
> + setbits_le32(&gpr[10], BIT(1));
> + /*
> + * set Region 0 attribute to allow secure and non-secure
> + * read/write permission. Found some masters like usb dwc3
> + * controllers can't work with secure memory.
> + */
> + writel(0xf0000000, MX8M_TZASC_BASE_ADDR + 0x108);
> +}
> +
> +void imx8mq_tzc380_init(void)
> +{
> + enable_tzc380(false);
> +}
> +
> +void imx8mn_tzc380_init(void) __alias(imx8mm_tzc380_init);
> +void imx8mp_tzc380_init(void) __alias(imx8mm_tzc380_init);
> +void imx8mm_tzc380_init(void)
> +{
> + enable_tzc380(true);
> +}
> +
> +bool tzc380_is_enabled(void)
> +{
> + u32 __iomem *gpr = IOMEM(MX8M_IOMUXC_GPR_BASE_ADDR);
> +
> + return (readl(&gpr[10]) & (GPR_TZASC_EN | GPR_TZASC_EN_LOCK))
> + == (GPR_TZASC_EN | GPR_TZASC_EN_LOCK);
> +}
> --
> 2.30.2
>
>
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-16 6:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-15 6:43 [PATCH] ARM: i.MX8M: add TrustZone Address Space Controller 380 init function Ahmad Fatoum
2022-08-16 6:39 ` Sascha Hauer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox