1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2019-2020, STMicroelectronics
4 */
5
6 #include <assert.h>
7 #include <config.h>
8 #include <drivers/tzc400.h>
9 #include <initcall.h>
10 #include <kernel/interrupt.h>
11 #include <kernel/panic.h>
12 #include <mm/core_memprot.h>
13 #include <platform_config.h>
14 #include <trace.h>
15 #include <util.h>
16
17 #ifdef CFG_STM32MP15
18 #define TZC_FILTERS_MASK GENMASK_32(1, 0)
19 #endif
20 #ifdef CFG_STM32MP13
21 #define TZC_FILTERS_MASK GENMASK_32(0, 0)
22 #endif
23
tzc_it_handler(struct itr_handler * handler __unused)24 static enum itr_return tzc_it_handler(struct itr_handler *handler __unused)
25 {
26 EMSG("TZC permission failure");
27 tzc_fail_dump();
28
29 if (IS_ENABLED(CFG_STM32MP_PANIC_ON_TZC_PERM_VIOLATION))
30 panic();
31 else
32 tzc_int_clear();
33
34 return ITRR_HANDLED;
35 }
36
37 static struct itr_handler tzc_itr_handler = {
38 .it = STM32MP1_IRQ_TZC,
39 .handler = tzc_it_handler,
40 };
41 DECLARE_KEEP_PAGER(tzc_itr_handler);
42
tzc_region_is_non_secure(unsigned int i,vaddr_t base,size_t size)43 static bool tzc_region_is_non_secure(unsigned int i, vaddr_t base, size_t size)
44 {
45 struct tzc_region_config region_cfg = { };
46 uint32_t ns_cpu_mask = TZC_REGION_ACCESS_RDWR(STM32MP1_TZC_A7_ID);
47 uint32_t filters_mask = TZC_FILTERS_MASK;
48
49 if (tzc_get_region_config(i, ®ion_cfg))
50 panic();
51
52 return region_cfg.base == base && region_cfg.top == (base + size - 1) &&
53 region_cfg.sec_attr == TZC_REGION_S_NONE &&
54 (region_cfg.ns_device_access & ns_cpu_mask) == ns_cpu_mask &&
55 region_cfg.filters == filters_mask;
56 }
57
tzc_region_is_secure(unsigned int i,vaddr_t base,size_t size)58 static bool tzc_region_is_secure(unsigned int i, vaddr_t base, size_t size)
59 {
60 struct tzc_region_config region_cfg = { };
61 uint32_t filters_mask = TZC_FILTERS_MASK;
62
63 if (tzc_get_region_config(i, ®ion_cfg))
64 panic();
65
66 return region_cfg.base == base && region_cfg.top == (base + size - 1) &&
67 region_cfg.sec_attr == TZC_REGION_S_RDWR &&
68 region_cfg.ns_device_access == 0 &&
69 region_cfg.filters == filters_mask;
70 }
71
init_stm32mp1_tzc(void)72 static TEE_Result init_stm32mp1_tzc(void)
73 {
74 void *base = phys_to_virt(TZC_BASE, MEM_AREA_IO_SEC, 1);
75 unsigned int region_index = 1;
76 const uint64_t dram_start = DDR_BASE;
77 const uint64_t dram_end = dram_start + CFG_DRAM_SIZE;
78 const uint64_t tzdram_start = CFG_TZDRAM_START;
79 const uint64_t tzdram_size = CFG_TZDRAM_SIZE;
80 const uint64_t tzdram_end = tzdram_start + tzdram_size;
81
82 assert(base);
83
84 tzc_init((vaddr_t)base);
85 tzc_dump_state();
86
87 /*
88 * Early boot stage is in charge of configuring memory regions
89 * OP-TEE hence here only check this complies with static Core
90 * expectations.
91 */
92 if (dram_start < tzdram_start) {
93 if (!tzc_region_is_non_secure(region_index, dram_start,
94 tzdram_start - dram_start))
95 panic("Unexpected TZC area on non-secure region");
96
97 region_index++;
98 }
99
100 if (!tzc_region_is_secure(region_index, tzdram_start, tzdram_size))
101 panic("Unexpected TZC configuration on secure region");
102
103 if (tzdram_end < dram_end) {
104 region_index++;
105
106 if (!tzc_region_is_non_secure(region_index, tzdram_end,
107 dram_end - tzdram_end))
108 panic("Unexpected TZC area on non-secure region");
109 }
110
111 itr_add(&tzc_itr_handler);
112 itr_enable(tzc_itr_handler.it);
113 tzc_set_action(TZC_ACTION_INT);
114
115 return TEE_SUCCESS;
116 }
117 driver_init(init_stm32mp1_tzc);
118