arm: socfpga: Move firewall code to firewall file
Move firewall related code to new firewall.c, to share
code in Stratix 10 and Agilex.
SDMMC will transfer data to OCRAM in SPL. So, enable privilege for SDMMC
to allow DMA transfer to OCRAM.
Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
diff --git a/arch/arm/mach-socfpga/Makefile b/arch/arm/mach-socfpga/Makefile
index fc1181c..dab34d0 100644
--- a/arch/arm/mach-socfpga/Makefile
+++ b/arch/arm/mach-socfpga/Makefile
@@ -51,6 +51,7 @@
obj-y += spl_a10.o
endif
ifdef CONFIG_TARGET_SOCFPGA_STRATIX10
+obj-y += firewall.o
obj-y += spl_s10.o
endif
endif
diff --git a/arch/arm/mach-socfpga/firewall.c b/arch/arm/mach-socfpga/firewall.c
new file mode 100644
index 0000000..9a4111a
--- /dev/null
+++ b/arch/arm/mach-socfpga/firewall.c
@@ -0,0 +1,107 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2016-2019 Intel Corporation <www.intel.com>
+ *
+ */
+
+#include <asm/io.h>
+#include <common.h>
+#include <asm/arch/firewall.h>
+#include <asm/arch/system_manager.h>
+
+static void firewall_l4_per_disable(void)
+{
+ const struct socfpga_firwall_l4_per *firwall_l4_per_base =
+ (struct socfpga_firwall_l4_per *)SOCFPGA_FIREWALL_L4_PER;
+ u32 i;
+ const u32 *addr[] = {
+ &firwall_l4_per_base->nand,
+ &firwall_l4_per_base->nand_data,
+ &firwall_l4_per_base->usb0,
+ &firwall_l4_per_base->usb1,
+ &firwall_l4_per_base->spim0,
+ &firwall_l4_per_base->spim1,
+ &firwall_l4_per_base->emac0,
+ &firwall_l4_per_base->emac1,
+ &firwall_l4_per_base->emac2,
+ &firwall_l4_per_base->sdmmc,
+ &firwall_l4_per_base->gpio0,
+ &firwall_l4_per_base->gpio1,
+ &firwall_l4_per_base->i2c0,
+ &firwall_l4_per_base->i2c1,
+ &firwall_l4_per_base->i2c2,
+ &firwall_l4_per_base->i2c3,
+ &firwall_l4_per_base->i2c4,
+ &firwall_l4_per_base->timer0,
+ &firwall_l4_per_base->timer1,
+ &firwall_l4_per_base->uart0,
+ &firwall_l4_per_base->uart1
+ };
+
+ /*
+ * The following lines of code will enable non-secure access
+ * to nand, usb, spi, emac, sdmmc, gpio, i2c, timers and uart. This
+ * is needed as most OS run in non-secure mode. Thus we need to
+ * enable non-secure access to these peripherals in order for the
+ * OS to use these peripherals.
+ */
+ for (i = 0; i < ARRAY_SIZE(addr); i++)
+ writel(FIREWALL_L4_DISABLE_ALL, addr[i]);
+}
+
+static void firewall_l4_sys_disable(void)
+{
+ const struct socfpga_firwall_l4_sys *firwall_l4_sys_base =
+ (struct socfpga_firwall_l4_sys *)SOCFPGA_FIREWALL_L4_SYS;
+ u32 i;
+ const u32 *addr[] = {
+ &firwall_l4_sys_base->dma_ecc,
+ &firwall_l4_sys_base->emac0rx_ecc,
+ &firwall_l4_sys_base->emac0tx_ecc,
+ &firwall_l4_sys_base->emac1rx_ecc,
+ &firwall_l4_sys_base->emac1tx_ecc,
+ &firwall_l4_sys_base->emac2rx_ecc,
+ &firwall_l4_sys_base->emac2tx_ecc,
+ &firwall_l4_sys_base->nand_ecc,
+ &firwall_l4_sys_base->nand_read_ecc,
+ &firwall_l4_sys_base->nand_write_ecc,
+ &firwall_l4_sys_base->ocram_ecc,
+ &firwall_l4_sys_base->sdmmc_ecc,
+ &firwall_l4_sys_base->usb0_ecc,
+ &firwall_l4_sys_base->usb1_ecc,
+ &firwall_l4_sys_base->clock_manager,
+ &firwall_l4_sys_base->io_manager,
+ &firwall_l4_sys_base->reset_manager,
+ &firwall_l4_sys_base->system_manager,
+ &firwall_l4_sys_base->watchdog0,
+ &firwall_l4_sys_base->watchdog1,
+ &firwall_l4_sys_base->watchdog2,
+ &firwall_l4_sys_base->watchdog3
+ };
+
+ for (i = 0; i < ARRAY_SIZE(addr); i++)
+ writel(FIREWALL_L4_DISABLE_ALL, addr[i]);
+}
+
+static void firewall_bridge_disable(void)
+{
+ /* disable lwsocf2fpga and soc2fpga bridge security */
+ writel(FIREWALL_BRIDGE_DISABLE_ALL, SOCFPGA_FIREWALL_SOC2FPGA);
+ writel(FIREWALL_BRIDGE_DISABLE_ALL, SOCFPGA_FIREWALL_LWSOC2FPGA);
+}
+
+void firewall_setup(void)
+{
+ firewall_l4_per_disable();
+ firewall_l4_sys_disable();
+ firewall_bridge_disable();
+
+ /* disable SMMU security */
+ writel(FIREWALL_L4_DISABLE_ALL, SOCFPGA_FIREWALL_TCU);
+
+ /* enable non-secure interface to DMA330 DMA and peripherals */
+ writel(SYSMGR_DMA_IRQ_NS | SYSMGR_DMA_MGR_NS,
+ socfpga_get_sysmgr_addr() + SYSMGR_S10_DMA);
+ writel(SYSMGR_DMAPERIPH_ALL_NS,
+ socfpga_get_sysmgr_addr() + SYSMGR_S10_DMA_PERIPH);
+}
diff --git a/arch/arm/mach-socfpga/include/mach/firewall_s10.h b/arch/arm/mach-socfpga/include/mach/firewall.h
similarity index 94%
rename from arch/arm/mach-socfpga/include/mach/firewall_s10.h
rename to arch/arm/mach-socfpga/include/mach/firewall.h
index b96f779..516bd1c 100644
--- a/arch/arm/mach-socfpga/include/mach/firewall_s10.h
+++ b/arch/arm/mach-socfpga/include/mach/firewall.h
@@ -1,11 +1,11 @@
/* SPDX-License-Identifier: GPL-2.0
*
- * Copyright (C) 2017-2018 Intel Corporation <www.intel.com>
+ * Copyright (C) 2017-2019 Intel Corporation <www.intel.com>
*
*/
-#ifndef _FIREWALL_S10_
-#define _FIREWALL_S10_
+#ifndef _FIREWALL_H_
+#define _FIREWALL_H_
struct socfpga_firwall_l4_per {
u32 nand; /* 0x00 */
@@ -117,4 +117,6 @@
#define FW_MPU_DDR_SCR_WRITEL(data, reg) \
writel(data, SOCFPGA_FW_MPU_DDR_SCR_ADDRESS + (reg))
-#endif /* _FIREWALL_S10_ */
+void firewall_setup(void);
+
+#endif /* _FIREWALL_H_ */
diff --git a/arch/arm/mach-socfpga/spl_s10.c b/arch/arm/mach-socfpga/spl_s10.c
index 028c5a1..caff089 100644
--- a/arch/arm/mach-socfpga/spl_s10.c
+++ b/arch/arm/mach-socfpga/spl_s10.c
@@ -12,7 +12,7 @@
#include <image.h>
#include <spl.h>
#include <asm/arch/clock_manager.h>
-#include <asm/arch/firewall_s10.h>
+#include <asm/arch/firewall.h>
#include <asm/arch/mailbox_s10.h>
#include <asm/arch/misc.h>
#include <asm/arch/reset_manager.h>
@@ -39,80 +39,6 @@
}
#endif
-void spl_disable_firewall_l4_per(void)
-{
- const struct socfpga_firwall_l4_per *firwall_l4_per_base =
- (struct socfpga_firwall_l4_per *)SOCFPGA_FIREWALL_L4_PER;
- u32 i;
- const u32 *addr[] = {
- &firwall_l4_per_base->nand,
- &firwall_l4_per_base->nand_data,
- &firwall_l4_per_base->usb0,
- &firwall_l4_per_base->usb1,
- &firwall_l4_per_base->spim0,
- &firwall_l4_per_base->spim1,
- &firwall_l4_per_base->emac0,
- &firwall_l4_per_base->emac1,
- &firwall_l4_per_base->emac2,
- &firwall_l4_per_base->sdmmc,
- &firwall_l4_per_base->gpio0,
- &firwall_l4_per_base->gpio1,
- &firwall_l4_per_base->i2c0,
- &firwall_l4_per_base->i2c1,
- &firwall_l4_per_base->i2c2,
- &firwall_l4_per_base->i2c3,
- &firwall_l4_per_base->i2c4,
- &firwall_l4_per_base->timer0,
- &firwall_l4_per_base->timer1,
- &firwall_l4_per_base->uart0,
- &firwall_l4_per_base->uart1
- };
-
- /*
- * The following lines of code will enable non-secure access
- * to nand, usb, spi, emac, sdmmc, gpio, i2c, timers and uart. This
- * is needed as most OS run in non-secure mode. Thus we need to
- * enable non-secure access to these peripherals in order for the
- * OS to use these peripherals.
- */
- for (i = 0; i < ARRAY_SIZE(addr); i++)
- writel(FIREWALL_L4_DISABLE_ALL, addr[i]);
-}
-
-void spl_disable_firewall_l4_sys(void)
-{
- const struct socfpga_firwall_l4_sys *firwall_l4_sys_base =
- (struct socfpga_firwall_l4_sys *)SOCFPGA_FIREWALL_L4_SYS;
- u32 i;
- const u32 *addr[] = {
- &firwall_l4_sys_base->dma_ecc,
- &firwall_l4_sys_base->emac0rx_ecc,
- &firwall_l4_sys_base->emac0tx_ecc,
- &firwall_l4_sys_base->emac1rx_ecc,
- &firwall_l4_sys_base->emac1tx_ecc,
- &firwall_l4_sys_base->emac2rx_ecc,
- &firwall_l4_sys_base->emac2tx_ecc,
- &firwall_l4_sys_base->nand_ecc,
- &firwall_l4_sys_base->nand_read_ecc,
- &firwall_l4_sys_base->nand_write_ecc,
- &firwall_l4_sys_base->ocram_ecc,
- &firwall_l4_sys_base->sdmmc_ecc,
- &firwall_l4_sys_base->usb0_ecc,
- &firwall_l4_sys_base->usb1_ecc,
- &firwall_l4_sys_base->clock_manager,
- &firwall_l4_sys_base->io_manager,
- &firwall_l4_sys_base->reset_manager,
- &firwall_l4_sys_base->system_manager,
- &firwall_l4_sys_base->watchdog0,
- &firwall_l4_sys_base->watchdog1,
- &firwall_l4_sys_base->watchdog2,
- &firwall_l4_sys_base->watchdog3
- };
-
- for (i = 0; i < ARRAY_SIZE(addr); i++)
- writel(FIREWALL_L4_DISABLE_ALL, addr[i]);
-}
-
void board_init_f(ulong dummy)
{
const struct cm_config *cm_default_cfg = cm_get_default_config();
@@ -154,22 +80,7 @@
preloader_console_init();
cm_print_clock_quick_summary();
- /* enable non-secure interface to DMA330 DMA and peripherals */
- writel(SYSMGR_DMA_IRQ_NS | SYSMGR_DMA_MGR_NS,
- socfpga_get_sysmgr_addr() + SYSMGR_S10_DMA);
- writel(SYSMGR_DMAPERIPH_ALL_NS,
- socfpga_get_sysmgr_addr() + SYSMGR_S10_DMA_PERIPH);
-
- spl_disable_firewall_l4_per();
-
- spl_disable_firewall_l4_sys();
-
- /* disable lwsocf2fpga and soc2fpga bridge security */
- writel(FIREWALL_BRIDGE_DISABLE_ALL, SOCFPGA_FIREWALL_SOC2FPGA);
- writel(FIREWALL_BRIDGE_DISABLE_ALL, SOCFPGA_FIREWALL_LWSOC2FPGA);
-
- /* disable SMMU security */
- writel(FIREWALL_L4_DISABLE_ALL, SOCFPGA_FIREWALL_TCU);
+ firewall_setup();
/* disable ocram security at CCU for non secure access */
clrbits_le32(CCU_REG_ADDR(CCU_CPU0_MPRT_ADMASK_MEM_RAM0),