1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
|
/* SPDX-License-Identifier: (BSD-2-Clause AND BSD-3-Clause) */
/*
* Copyright (c) 2015, Linaro Limited
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Copyright (c) 2014, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of ARM nor the names of its contributors may be used
* to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __DRIVERS_TZC400_H
#define __DRIVERS_TZC400_H
#include <stdint.h>
#include <types_ext.h>
#include <trace_levels.h>
#define TZC400_REG_SIZE 0x1000
#define BUILD_CONFIG_OFF 0x000
#define ACTION_OFF 0x004
#define GATE_KEEPER_OFF 0x008
#define SPECULATION_CTRL_OFF 0x00c
#define INT_STATUS 0x010
#define INT_CLEAR 0x014
#define FAIL_ADDRESS_LOW_OFF 0x020
#define FAIL_ADDRESS_HIGH_OFF 0x024
#define FAIL_CONTROL_OFF 0x028
#define FAIL_ID 0x02c
#define REGION_BASE_LOW_OFF 0x100
#define REGION_BASE_HIGH_OFF 0x104
#define REGION_TOP_LOW_OFF 0x108
#define REGION_TOP_HIGH_OFF 0x10c
#define REGION_ATTRIBUTES_OFF 0x110
#define REGION_ID_ACCESS_OFF 0x114
#define REGION_NUM_OFF(region) (0x20 * region)
/* ID Registers */
#define PID0_OFF 0xfe0
#define PID1_OFF 0xfe4
#define PID2_OFF 0xfe8
#define PID3_OFF 0xfec
#define PID4_OFF 0xfd0
#define PID5_OFF 0xfd4
#define PID6_OFF 0xfd8
#define PID7_OFF 0xfdc
#define CID0_OFF 0xff0
#define CID1_OFF 0xff4
#define CID2_OFF 0xff8
#define CID3_OFF 0xffc
#define BUILD_CONFIG_NF_SHIFT 24
#define BUILD_CONFIG_NF_MASK 0x3
#define BUILD_CONFIG_AW_SHIFT 8
#define BUILD_CONFIG_AW_MASK 0x3f
#define BUILD_CONFIG_NR_SHIFT 0
#define BUILD_CONFIG_NR_MASK 0x1f
/* Not describing the case where regions 1 to 8 overlap */
#define ACTION_RV_SHIFT 0
#define ACTION_RV_MASK 0x3
#define ACTION_RV_LOWOK 0x0
#define ACTION_RV_LOWERR 0x1
#define ACTION_RV_HIGHOK 0x2
#define ACTION_RV_HIGHERR 0x3
/*
* Number of gate keepers is implementation defined. But we know the max for
* this device is 4. Get implementation details from BUILD_CONFIG.
*/
#define GATE_KEEPER_OS_SHIFT 16
#define GATE_KEEPER_OS_MASK 0xf
#define GATE_KEEPER_OR_SHIFT 0
#define GATE_KEEPER_OR_MASK 0xf
#define GATE_KEEPER_FILTER_MASK 0x1
/* Speculation is enabled by default. */
#define SPECULATION_CTRL_WRITE_DISABLE (1 << 1)
#define SPECULATION_CTRL_READ_DISABLE (1 << 0)
/* Max number of filters allowed is 4. */
#define INT_STATUS_OVERLAP_SHIFT 16
#define INT_STATUS_OVERLAP_MASK 0xf
#define INT_STATUS_OVERRUN_SHIFT 8
#define INT_STATUS_OVERRUN_MASK 0xf
#define INT_STATUS_STATUS_SHIFT 0
#define INT_STATUS_STATUS_MASK 0xf
#define INT_CLEAR_CLEAR_SHIFT 0
#define INT_CLEAR_CLEAR_MASK 0xf
#define FAIL_CONTROL_DIR_SHIFT (1 << 24)
#define FAIL_CONTROL_DIR_READ 0x0
#define FAIL_CONTROL_DIR_WRITE 0x1
#define FAIL_CONTROL_NS_SHIFT (1 << 21)
#define FAIL_CONTROL_NS_SECURE 0x0
#define FAIL_CONTROL_NS_NONSECURE 0x1
#define FAIL_CONTROL_PRIV_SHIFT (1 << 20)
#define FAIL_CONTROL_PRIV_PRIV 0x0
#define FAIL_CONTROL_PRIV_UNPRIV 0x1
/*
* FAIL_ID_ID_MASK depends on AID_WIDTH which is platform specific.
* Platform should provide the value on initialisation.
*/
#define FAIL_ID_VNET_SHIFT 24
#define FAIL_ID_VNET_MASK 0xf
#define FAIL_ID_ID_SHIFT 0
/* Used along with 'enum tzc_region_attributes' below */
#define REG_ATTR_SEC_SHIFT 30
#define REG_ATTR_F_EN_SHIFT 0
#define REG_ATTR_F_EN_MASK 0xf
#define REG_ATTR_FILTER_BIT(x) ((1 << x) << REG_ATTR_F_EN_SHIFT)
#define REG_ATTR_FILTER_BIT_ALL (REG_ATTR_F_EN_MASK << \
REG_ATTR_F_EN_SHIFT)
#define REGION_ID_ACCESS_NSAID_WR_EN_SHIFT 16
#define REGION_ID_ACCESS_NSAID_RD_EN_SHIFT 0
#define REGION_ID_ACCESS_NSAID_ID_MASK 0xf
/* Macros for setting Region ID access permissions based on NSAID */
#define TZC_REGION_ACCESS_RD(id) \
((1 << (id & REGION_ID_ACCESS_NSAID_ID_MASK)) << \
REGION_ID_ACCESS_NSAID_RD_EN_SHIFT)
#define TZC_REGION_ACCESS_WR(id) \
((1 << (id & REGION_ID_ACCESS_NSAID_ID_MASK)) << \
REGION_ID_ACCESS_NSAID_WR_EN_SHIFT)
#define TZC_REGION_ACCESS_RDWR(id) \
(TZC_REGION_ACCESS_RD(id) | TZC_REGION_ACCESS_WR(id))
/* Filters are bit mapped 0 to 3. */
#define TZC400_COMPONENT_ID 0xb105f00d
/*******************************************************************************
* Function & variable prototypes
******************************************************************************/
/*
* What type of action is expected when an access violation occurs.
* The memory requested is zeroed. But we can also raise and event to
* let the system know it happened.
* We can raise an interrupt(INT) and/or cause an exception(ERR).
* TZC_ACTION_NONE - No interrupt, no Exception
* TZC_ACTION_ERR - No interrupt, raise exception -> sync external
* data abort
* TZC_ACTION_INT - Raise interrupt, no exception
* TZC_ACTION_ERR_INT - Raise interrupt, raise exception -> sync
* external data abort
*/
enum tzc_action {
TZC_ACTION_NONE = 0,
TZC_ACTION_ERR = 1,
TZC_ACTION_INT = 2,
TZC_ACTION_ERR_INT = (TZC_ACTION_ERR | TZC_ACTION_INT)
};
/*
* Controls secure access to a region. If not enabled secure access is not
* allowed to region.
*/
enum tzc_region_attributes {
TZC_REGION_S_NONE = 0,
TZC_REGION_S_RD = 1,
TZC_REGION_S_WR = 2,
TZC_REGION_S_RDWR = (TZC_REGION_S_RD | TZC_REGION_S_WR)
};
void tzc_init(vaddr_t base);
void tzc_configure_region(uint32_t filters, uint8_t region,
vaddr_t region_base, vaddr_t region_top,
enum tzc_region_attributes sec_attr,
uint32_t ns_device_access);
void tzc_enable_filters(void);
void tzc_disable_filters(void);
void tzc_set_action(enum tzc_action action);
#if TRACE_LEVEL >= TRACE_DEBUG
void tzc_dump_state(void);
#else
static inline void tzc_dump_state(void)
{
}
#endif
#endif /* __DRIVERS_TZC400_H */
|
