diff options
| author | Andre Przywara <andre.przywara@arm.com> | 2016-05-16 02:03:15 +0100 |
|---|---|---|
| committer | Andre Przywara <andre.przywara@arm.com> | 2016-06-02 01:29:48 +0100 |
| commit | 7e993f79321991eae05352f857c2ed16fa26196f (patch) | |
| tree | e4704ef8aa24599e55b2e8b43296738585eb705e | |
| parent | 3fe2fe1e5161bd6707e4f1f392fbd5e17513d4eb (diff) | |
sun50i: switch RSB and SRAM1 to be secure-only
The default security setup makes all peripherals available to the
non-secure world.
Set the RSB (which connects to the PMIC, which is exclusively controlled
by firmware) and SRAM A1 to be secure-only.
This prevents accidental (or malicious) tinkering with the PMIC, which is
potentially harmful to the board.
NOTE: This does not seem to work as expected, since access is apparently
still possile from the non-secure side.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
| -rw-r--r-- | plat/sun50iw1p1/sunxi_security.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/plat/sun50iw1p1/sunxi_security.c b/plat/sun50iw1p1/sunxi_security.c index 57e34f4..581e479 100644 --- a/plat/sun50iw1p1/sunxi_security.c +++ b/plat/sun50iw1p1/sunxi_security.c @@ -38,7 +38,9 @@ #define SPC_BASE 0x1c23400ULL -#define SPC_DECPORT_SET_REG(p) (SPC_BASE + ((p) * 0x10) + 0x8) +#define SPC_DECPORT_STA_REG(p) (SPC_BASE + ((p) * 0x0c) + 0x4) +#define SPC_DECPORT_SET_REG(p) (SPC_BASE + ((p) * 0x0c) + 0x8) +#define SPC_DECPORT_CLR_REG(p) (SPC_BASE + ((p) * 0x0c) + 0xc) /* * For the moment we assume that all security programming is done by the @@ -52,9 +54,16 @@ void sunxi_security_setup(void) NOTICE("Configuring SPC Controller\n"); + /* set all devices to non-secure */ for (i = 0; i < 6; i++) mmio_write_32(SPC_DECPORT_SET_REG(i), 0xff); + + /* switch RSB to secure */ + mmio_write_32(SPC_DECPORT_CLR_REG(3), 0x08); + /* switch SRAM A1 to secure */ + mmio_write_32(SPC_DECPORT_CLR_REG(1), 0x08); + /* set CCMU mbus_sec, bus_sec, pll_sec to non-secure */ mmio_write_32(0x01c20000+0x2f0, 0x7); |