Commit 71a84445 authored by Dan Handley's avatar Dan Handley
Browse files

Add TZC function to configure region 0

Region 0 is special in TZC-400. It is possible to set the access
permissions for this but not the address range or filters to which
the permissions apply. Add a function for setting the region 0
access permissions.

Also add some VERBOSE logging and allow assembly files to include
the TZC header.

Change-Id: I4389261ba10a6e5e2e43ee93d55318dc507b6648
parent da85170d
/* /*
* Copyright (c) 2014, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met: * modification, are permitted provided that the following conditions are met:
...@@ -191,15 +191,41 @@ void tzc_init(uint64_t base) ...@@ -191,15 +191,41 @@ void tzc_init(uint64_t base)
BUILD_CONFIG_NR_MASK) + 1; BUILD_CONFIG_NR_MASK) + 1;
} }
/*
* `tzc_configure_region0` is used to program region 0 into the TrustZone
* controller. Region 0 covers the whole address space that is not mapped
* to any other region, and is enabled on all filters; this cannot be
* changed. This function only changes the access permissions.
*/
void tzc_configure_region0(tzc_region_attributes_t sec_attr,
uint32_t ns_device_access)
{
assert(tzc.base);
VERBOSE("TZC : Configuring region 0 (sec_attr=0x%x, ns_devs=0x%x)\n",
sec_attr, ns_device_access);
assert(sec_attr <= TZC_REGION_S_RDWR);
/* Set secure attributes on region 0 */
tzc_write_region_attributes(tzc.base, 0,
sec_attr << REG_ATTR_SEC_SHIFT);
/*
* Specify which non-secure devices have permission to access
* region 0.
*/
tzc_write_region_id_access(tzc.base, 0, ns_device_access);
}
/* /*
* `tzc_configure_region` is used to program regions into the TrustZone * `tzc_configure_region` is used to program regions into the TrustZone
* controller. A region can be associated with more than one filter. The * controller. A region can be associated with more than one filter. The
* associated filters are passed in as a bitmap (bit0 = filter0). * associated filters are passed in as a bitmap (bit0 = filter0).
* NOTE: * NOTE:
* The region 0 covers the whole address space and is enabled on all filters, * Region 0 is special; it is preferable to use tzc_configure_region0
* this cannot be changed. It is, however, possible to change some region 0 * for this region (see comment for that function).
* permissions.
*/ */
void tzc_configure_region(uint32_t filters, void tzc_configure_region(uint32_t filters,
uint8_t region, uint8_t region,
...@@ -210,6 +236,13 @@ void tzc_configure_region(uint32_t filters, ...@@ -210,6 +236,13 @@ void tzc_configure_region(uint32_t filters,
{ {
assert(tzc.base); assert(tzc.base);
VERBOSE("TZC : Configuring region (filters=0x%x, region=%d, ...\n",
filters, region);
VERBOSE("TZC : ... base=0x%lx, top=0x%lx, ...\n",
region_base, region_top);
VERBOSE("TZC : ... sec_attr=0x%x, ns_devs=0x%x)\n",
sec_attr, ns_device_access);
/* Do range checks on filters and regions. */ /* Do range checks on filters and regions. */
assert(((filters >> tzc.num_filters) == 0) && assert(((filters >> tzc.num_filters) == 0) &&
(region < tzc.num_regions)); (region < tzc.num_regions));
......
/* /*
* Copyright (c) 2014, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met: * modification, are permitted provided that the following conditions are met:
...@@ -31,7 +31,6 @@ ...@@ -31,7 +31,6 @@
#ifndef __TZC400_H__ #ifndef __TZC400_H__
#define __TZC400_H__ #define __TZC400_H__
#include <stdint.h>
#define BUILD_CONFIG_OFF 0x000 #define BUILD_CONFIG_OFF 0x000
#define ACTION_OFF 0x004 #define ACTION_OFF 0x004
...@@ -148,9 +147,13 @@ ...@@ -148,9 +147,13 @@
#define TZC_REGION_ACCESS_RDWR(id) \ #define TZC_REGION_ACCESS_RDWR(id) \
(TZC_REGION_ACCESS_RD(id) | TZC_REGION_ACCESS_WR(id)) (TZC_REGION_ACCESS_RD(id) | TZC_REGION_ACCESS_WR(id))
/* Filters are bit mapped 0 to 3. */
#define TZC400_COMPONENT_ID 0xb105f00d #define TZC400_COMPONENT_ID 0xb105f00d
#ifndef __ASSEMBLY__
#include <stdint.h>
/******************************************************************************* /*******************************************************************************
* Function & variable prototypes * Function & variable prototypes
******************************************************************************/ ******************************************************************************/
...@@ -187,6 +190,8 @@ typedef enum { ...@@ -187,6 +190,8 @@ typedef enum {
void tzc_init(uint64_t base); void tzc_init(uint64_t base);
void tzc_configure_region0(tzc_region_attributes_t sec_attr,
uint32_t ns_device_access);
void tzc_configure_region(uint32_t filters, void tzc_configure_region(uint32_t filters,
uint8_t region, uint8_t region,
uint64_t region_base, uint64_t region_base,
...@@ -197,5 +202,6 @@ void tzc_enable_filters(void); ...@@ -197,5 +202,6 @@ void tzc_enable_filters(void);
void tzc_disable_filters(void); void tzc_disable_filters(void);
void tzc_set_action(tzc_action_t action); void tzc_set_action(tzc_action_t action);
#endif /* __ASSEMBLY__ */
#endif /* __TZC400__ */ #endif /* __TZC400__ */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment