ldr x0, =secondary_boot_func
blr x0
2:
+
+#ifdef CONFIG_FSL_TZPC_BP147
+ /* Set Non Secure access for all devices protected via TZPC */
+ ldr x1, =TZPCDECPROT_0_SET_BASE /* Decode Protection-0 Set Reg */
+ orr w0, w0, #1 << 3 /* DCFG_RESET is accessible from NS world */
+ str w0, [x1]
+
+ isb
+ dsb sy
+#endif
+
+#ifdef CONFIG_FSL_TZASC_400
+ /* Set TZASC so that:
+ * a. We use only Region0 whose global secure write/read is EN
+ * b. We use only Region0 whose NSAID write/read is EN
+ *
+ * NOTE: As per the CCSR map doc, TZASC 3 and TZASC 4 are just
+ * placeholders.
+ */
+ ldr x1, =TZASC_GATE_KEEPER(0)
+ ldr x0, [x1] /* Filter 0 Gate Keeper Register */
+ orr x0, x0, #1 << 0 /* Set open_request for Filter 0 */
+ str x0, [x1]
+
+ ldr x1, =TZASC_GATE_KEEPER(1)
+ ldr x0, [x1] /* Filter 0 Gate Keeper Register */
+ orr x0, x0, #1 << 0 /* Set open_request for Filter 0 */
+ str x0, [x1]
+
+ ldr x1, =TZASC_REGION_ATTRIBUTES_0(0)
+ ldr x0, [x1] /* Region-0 Attributes Register */
+ orr x0, x0, #1 << 31 /* Set Sec global write en, Bit[31] */
+ orr x0, x0, #1 << 30 /* Set Sec global read en, Bit[30] */
+ str x0, [x1]
+
+ ldr x1, =TZASC_REGION_ATTRIBUTES_0(1)
+ ldr x0, [x1] /* Region-1 Attributes Register */
+ orr x0, x0, #1 << 31 /* Set Sec global write en, Bit[31] */
+ orr x0, x0, #1 << 30 /* Set Sec global read en, Bit[30] */
+ str x0, [x1]
+
+ ldr x1, =TZASC_REGION_ID_ACCESS_0(0)
+ ldr w0, [x1] /* Region-0 Access Register */
+ mov w0, #0xFFFFFFFF /* Set nsaid_wr_en and nsaid_rd_en */
+ str w0, [x1]
+
+ ldr x1, =TZASC_REGION_ID_ACCESS_0(1)
+ ldr w0, [x1] /* Region-1 Attributes Register */
+ mov w0, #0xFFFFFFFF /* Set nsaid_wr_en and nsaid_rd_en */
+ str w0, [x1]
+
+ isb
+ dsb sy
+#endif
mov lr, x29 /* Restore LR */
ret
ENDPROC(lowlevel_init)
#define I2C3_BASE_ADDR (CONFIG_SYS_IMMR + 0x01020000)
#define I2C4_BASE_ADDR (CONFIG_SYS_IMMR + 0x01030000)
+/* TZ Protection Controller Definitions */
+#define TZPC_BASE 0x02200000
+#define TZPCR0SIZE_BASE (TZPC_BASE)
+#define TZPCDECPROT_0_STAT_BASE (TZPC_BASE + 0x800)
+#define TZPCDECPROT_0_SET_BASE (TZPC_BASE + 0x804)
+#define TZPCDECPROT_0_CLR_BASE (TZPC_BASE + 0x808)
+#define TZPCDECPROT_1_STAT_BASE (TZPC_BASE + 0x80C)
+#define TZPCDECPROT_1_SET_BASE (TZPC_BASE + 0x810)
+#define TZPCDECPROT_1_CLR_BASE (TZPC_BASE + 0x814)
+#define TZPCDECPROT_2_STAT_BASE (TZPC_BASE + 0x818)
+#define TZPCDECPROT_2_SET_BASE (TZPC_BASE + 0x81C)
+#define TZPCDECPROT_2_CLR_BASE (TZPC_BASE + 0x820)
+
+/* TZ Address Space Controller Definitions */
+#define TZASC1_BASE 0x01100000 /* as per CCSR map. */
+#define TZASC2_BASE 0x01110000 /* as per CCSR map. */
+#define TZASC3_BASE 0x01120000 /* as per CCSR map. */
+#define TZASC4_BASE 0x01130000 /* as per CCSR map. */
+#define TZASC_BUILD_CONFIG_REG(x) ((TZASC1_BASE + (x * 0x10000)))
+#define TZASC_ACTION_REG(x) ((TZASC1_BASE + (x * 0x10000)) + 0x004)
+#define TZASC_GATE_KEEPER(x) ((TZASC1_BASE + (x * 0x10000)) + 0x008)
+#define TZASC_REGION_BASE_LOW_0(x) ((TZASC1_BASE + (x * 0x10000)) + 0x100)
+#define TZASC_REGION_BASE_HIGH_0(x) ((TZASC1_BASE + (x * 0x10000)) + 0x104)
+#define TZASC_REGION_TOP_LOW_0(x) ((TZASC1_BASE + (x * 0x10000)) + 0x108)
+#define TZASC_REGION_TOP_HIGH_0(x) ((TZASC1_BASE + (x * 0x10000)) + 0x10C)
+#define TZASC_REGION_ATTRIBUTES_0(x) ((TZASC1_BASE + (x * 0x10000)) + 0x110)
+#define TZASC_REGION_ID_ACCESS_0(x) ((TZASC1_BASE + (x * 0x10000)) + 0x114)
+
/* Generic Interrupt Controller Definitions */
#define GICD_BASE 0x06000000
#define GICR_BASE 0x06100000
--- /dev/null
+Freescale ARM64 SoCs like LS2085A have ARM TrustZone components like
+TZPC-BP147 (TrustZone Protection Controller) and TZASC-400 (TrustZone
+Address Space Controller).
+
+While most of the configuration related programming of these peripherals
+is left to a root-of-trust security software layer (running in EL3
+privilege mode), but still some configurations of these peripherals
+might be required while the bootloader is executing in EL3 privilege
+mode. The following sections define how to turn on these features for
+LS2085A like SoCs.
+
+TZPC-BP147 (TrustZone Protection Controller)
+============================================
+- Depends on CONFIG_FSL_TZPC_BP147 configuration flag.
+- Separates Secure World and Normal World on-chip RAM (OCRAM) spaces.
+- Provides a programming model to set access control policy via the TZPC
+ TZDECPROT Registers.
+
+TZASC-400 (TrustZone Address Space Controller)
+==============================================
+- Depends on CONFIG_FSL_TZASC_400 configuration flag.
+- Separates Secure World and Normal World external memory spaces for bus masters
+ such as processors and DMA-equipped peripherals.
+- Supports 8 fully programmable address regions, initially inactive at reset,
+ and one base region, always active, that covers the remaining address space.
#define CONFIG_FSL_LSCH3
#define CONFIG_LS2085A
#define CONFIG_GICV3
+#define CONFIG_FSL_TZPC_BP147
/* Link Definitions */
#define CONFIG_SYS_TEXT_BASE 0x30001000