Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Arm Trusted Firmware
Commits
af0a9618
Commit
af0a9618
authored
May 16, 2014
by
danh-arm
Browse files
Merge pull request #66 from athoelke/tzc-config-fix
Fixes for TZC configuration on FVP
parents
60bc4bbd
84dbf6ff
Changes
3
Hide whitespace changes
Inline
Side-by-side
docs/porting-guide.md
View file @
af0a9618
...
@@ -631,8 +631,10 @@ this function. This information is accessible in the `bl33_meminfo` field in
...
@@ -631,8 +631,10 @@ this function. This information is accessible in the `bl33_meminfo` field in
the
`bl31_args`
structure pointed to by
`bl2_to_bl31_args`
.
the
`bl31_args`
structure pointed to by
`bl2_to_bl31_args`
.
Platform security components are configured if required. For the Base FVP the
Platform security components are configured if required. For the Base FVP the
TZC-400 TrustZone controller is configured to grant secure and non-secure access
TZC-400 TrustZone controller is configured to only grant non-secure access
to DRAM.
to DRAM. This avoids aliasing between secure and non-secure accesses in the
TLB and cache - secure execution states can use the NS attributes in the
MMU translation tables to access the DRAM.
This function is also responsible for initializing the storage abstraction layer
This function is also responsible for initializing the storage abstraction layer
which is used to load further bootloader images.
which is used to load further bootloader images.
...
...
plat/fvp/plat_security.c
View file @
af0a9618
...
@@ -88,36 +88,33 @@ void plat_security_setup(void)
...
@@ -88,36 +88,33 @@ void plat_security_setup(void)
tzc_disable_filters
(
&
controller
);
tzc_disable_filters
(
&
controller
);
/*
/*
* Allow
full
access to all DRAM to supported devices
for the
* Allow
only non-secure
access to all DRAM to supported devices
.
*
moment.
Give access to the CPUs and Virtio. Some devices
* Give access to the CPUs and Virtio. Some devices
* would normally use the default ID so allow that too. We use
* would normally use the default ID so allow that too. We use
* t
hree different
regions to cover the
three separate blocks of
* t
wo
regions to cover the
blocks of physical memory in the FVPs.
*
memory in the FVPs. We allow secure access to DRAM to load NS
*
*
s
oftware
.
*
S
oftware
executing in the secure state, such as a secure
*
FIXME: In current models Virtio uses a reserved ID. Thi
s i
s
*
boot-loader, can access the DRAM by using the NS attribute
s i
n
*
not correct and will be fixed
.
*
the MMU translation tables and descriptors
.
*/
*/
/* Set to cover
2GB
block of DRAM */
/* Set to cover
the first
block of DRAM */
tzc_configure_region
(
&
controller
,
FILTER_SHIFT
(
0
),
1
,
tzc_configure_region
(
&
controller
,
FILTER_SHIFT
(
0
),
1
,
DRAM_BASE
,
0xFFFFFFFF
,
TZC_REGION_S_RDWR
,
DRAM_BASE
,
0xFFFFFFFF
,
TZC_REGION_S_NONE
,
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_AP
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_DEFAULT
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_DEFAULT
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_RES5
));
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_PCI
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_AP
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_VIRTIO
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_VIRTIO_OLD
));
/* Set to cover the
30GB block
*/
/* Set to cover the
second block of DRAM
*/
tzc_configure_region
(
&
controller
,
FILTER_SHIFT
(
0
),
2
,
tzc_configure_region
(
&
controller
,
FILTER_SHIFT
(
0
),
2
,
0x880000000
,
0xFFFFFFFFF
,
TZC_REGION_S_RDWR
,
0x880000000
,
0xFFFFFFFFF
,
TZC_REGION_S_NONE
,
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_AP
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_DEFAULT
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_DEFAULT
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_RES5
));
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_PCI
)
|
/* Set to cover 480GB block */
tzc_configure_region
(
&
controller
,
FILTER_SHIFT
(
0
),
3
,
0x8800000000
,
0xFFFFFFFFFF
,
TZC_REGION_S_RDWR
,
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_AP
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_AP
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_
DEFAULT
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_
VIRTIO
)
|
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_
RES5
));
TZC_REGION_ACCESS_RDWR
(
FVP_NSAID_
VIRTIO_OLD
));
/*
/*
* TODO: Interrupts are not currently supported. The only
* TODO: Interrupts are not currently supported. The only
...
...
plat/fvp/platform.h
View file @
af0a9618
...
@@ -307,18 +307,21 @@
...
@@ -307,18 +307,21 @@
/*
/*
* The NSAIDs for this platform as used to program the TZC400.
* The NSAIDs for this platform as used to program the TZC400.
* TODO:
* This list and the numbers in it is still changing on the Base FVP.
* For now only specify the NSAIDs we actually use.
*/
*/
/* The FVP has 4 bits of NSAIDs. Used with TZC FAIL_ID (ACE Lite ID width) */
/* The FVP has 4 bits of NSAIDs. Used with TZC FAIL_ID (ACE Lite ID width) */
#define FVP_AID_WIDTH 4
#define FVP_AID_WIDTH 4
/* NSAIDs used by devices in TZC filter 0 on FVP */
#define FVP_NSAID_DEFAULT 0
#define FVP_NSAID_DEFAULT 0
#define FVP_NSAID_PCI 1
#define FVP_NSAID_VIRTIO 8
/* from FVP v5.6 onwards */
#define FVP_NSAID_AP 9
/* Application Processors */
#define FVP_NSAID_AP 9
/* Application Processors */
#define FVP_NSAID_VIRTIO_OLD 15
/* until FVP v5.5 */
/* FIXME: Currently incorrectly used by Virtio */
/* NSAIDs used by devices in TZC filter 2 on FVP */
#define FVP_NSAID_RES5 15
#define FVP_NSAID_HDLCD0 2
#define FVP_NSAID_CLCD 7
/*******************************************************************************
/*******************************************************************************
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
