From bed04f1f16f88b1de39d886a17cd5893920d71f3 Mon Sep 17 00:00:00 2001
From: Martin Stein <martin.stein@genode-labs.com>
Date: Mon, 2 Nov 2015 14:29:04 +0100
Subject: [PATCH] hw & imx53: kernel Trustzone config for USB armory

On the USB Armory, we want to secure different devices than on other i.MX53
implementations. Thus, add a board specific configuration that is interpreted
by the kernel Trustzone initialization.

Ref #1497
---
 ...-trustzone_on.mk => core-trustzone_on.inc} |  0
 .../mk/spec/imx53_qsb/core-trustzone_on.mk    | 11 ++++
 .../mk/spec/usb_armory/core-trustzone_on.mk   | 11 ++++
 .../core/include/spec/imx53/trustzone/csu.h   | 59 ++++++++++++-------
 .../spec/imx53_qsb/trustzone/csu_config.h     | 30 ++++++++++
 .../core/include/spec/usb_armory/csu_config.h | 30 ++++++++++
 .../spec/imx53/trustzone/platform_support.cc  | 10 ++--
 7 files changed, 127 insertions(+), 24 deletions(-)
 rename repos/base-hw/lib/mk/spec/imx53/{core-trustzone_on.mk => core-trustzone_on.inc} (100%)
 create mode 100644 repos/base-hw/lib/mk/spec/imx53_qsb/core-trustzone_on.mk
 create mode 100644 repos/base-hw/lib/mk/spec/usb_armory/core-trustzone_on.mk
 create mode 100644 repos/base-hw/src/core/include/spec/imx53_qsb/trustzone/csu_config.h
 create mode 100644 repos/base-hw/src/core/include/spec/usb_armory/csu_config.h

diff --git a/repos/base-hw/lib/mk/spec/imx53/core-trustzone_on.mk b/repos/base-hw/lib/mk/spec/imx53/core-trustzone_on.inc
similarity index 100%
rename from repos/base-hw/lib/mk/spec/imx53/core-trustzone_on.mk
rename to repos/base-hw/lib/mk/spec/imx53/core-trustzone_on.inc
diff --git a/repos/base-hw/lib/mk/spec/imx53_qsb/core-trustzone_on.mk b/repos/base-hw/lib/mk/spec/imx53_qsb/core-trustzone_on.mk
new file mode 100644
index 000000000..427062ae9
--- /dev/null
+++ b/repos/base-hw/lib/mk/spec/imx53_qsb/core-trustzone_on.mk
@@ -0,0 +1,11 @@
+#
+# \brief  Build config for parts of core that depend on Trustzone status
+# \author Martin Stein
+# \date   2015-10-30
+#
+
+# add include paths
+INC_DIR += $(REP_DIR)/src/core/include/spec/imx53_qsb/trustzone
+
+# include less specific configuration
+include $(REP_DIR)/lib/mk/spec/imx53/core-trustzone_on.inc
diff --git a/repos/base-hw/lib/mk/spec/usb_armory/core-trustzone_on.mk b/repos/base-hw/lib/mk/spec/usb_armory/core-trustzone_on.mk
new file mode 100644
index 000000000..b0c90b1b3
--- /dev/null
+++ b/repos/base-hw/lib/mk/spec/usb_armory/core-trustzone_on.mk
@@ -0,0 +1,11 @@
+#
+# \brief  Build config for parts of core that depend on Trustzone status
+# \author Martin Stein
+# \date   2015-10-30
+#
+
+# add include paths
+INC_DIR += $(REP_DIR)/src/core/include/spec/usb_armory
+
+# include less specific configuration
+include $(REP_DIR)/lib/mk/spec/imx53/core-trustzone_on.inc
diff --git a/repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h b/repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
index 2d015737f..6db0624ef 100644
--- a/repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
+++ b/repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
@@ -18,6 +18,9 @@
 #include <util/mmio.h>
 #include <util/register.h>
 
+/* core includes */
+#include <csu_config.h>
+
 namespace Genode {
 
 	class Csu : Mmio
@@ -115,17 +118,23 @@ namespace Genode {
 				write<Csl04::Slave_a>(Csl00::UNSECURE);
 
 				/* UART 1-5 */
-				write<Csl07::Slave_b>(Csl00::UNSECURE);
-				write<Csl08::Slave_a>(Csl00::UNSECURE);
-				write<Csl26::Slave_a>(Csl00::UNSECURE);
-				write<Csl30::Slave_b>(Csl00::UNSECURE);
-				write<Csl19::Slave_a>(Csl00::UNSECURE);
+				Csl00::access_t constexpr uart_csl =
+					Csu_config::SECURE_UART ? Csl00::SECURE :
+					                          Csl00::UNSECURE;
+				write<Csl07::Slave_b>(uart_csl);
+				write<Csl08::Slave_a>(uart_csl);
+				write<Csl26::Slave_a>(uart_csl);
+				write<Csl30::Slave_b>(uart_csl);
+				write<Csl19::Slave_a>(uart_csl);
 
 				/* GPIO */
-				write<Csl00::Slave_b>(Csl00::SECURE);
-				write<Csl01::Slave_a>(Csl00::SECURE);
-				write<Csl01::Slave_b>(Csl00::SECURE);
-				write<Csl02::Slave_a>(Csl00::SECURE);
+				Csl00::access_t constexpr gpio_csl =
+					Csu_config::SECURE_GPIO ? Csl00::SECURE :
+					                          Csl00::UNSECURE;
+				write<Csl00::Slave_b>(gpio_csl);
+				write<Csl01::Slave_a>(gpio_csl);
+				write<Csl01::Slave_b>(gpio_csl);
+				write<Csl02::Slave_a>(gpio_csl);
 
 				/* IOMUXC TODO */
 				write<Csl05::Slave_a>(Csl00::UNSECURE);
@@ -140,9 +149,12 @@ namespace Genode {
 				write<Csl22::Slave_b>(Csl00::SECURE);
 
 				/* I2C */
-				write<Csl18::Slave_a>(Csl00::SECURE);
-				write<Csl17::Slave_b>(Csl00::SECURE);
-				write<Csl31::Slave_a>(Csl00::SECURE);
+				Csl00::access_t constexpr i2c_csl =
+					Csu_config::SECURE_I2C ? Csl00::SECURE :
+					                         Csl00::UNSECURE;
+				write<Csl18::Slave_a>(i2c_csl);
+				write<Csl17::Slave_b>(i2c_csl);
+				write<Csl31::Slave_a>(i2c_csl);
 
 				/* IPU */
 				write<Csl24::Slave_a>(Csl00::SECURE);
@@ -157,10 +169,13 @@ namespace Genode {
 				write<Csl22::Slave_a>(Csl00::UNSECURE);
 
 				/* SDHCI 1-4 */
-				write<Csl25::Slave_a>(Csl00::UNSECURE);
-				write<Csl25::Slave_b>(Csl00::UNSECURE);
-				write<Csl28::Slave_a>(Csl00::UNSECURE);
-				write<Csl28::Slave_b>(Csl00::UNSECURE);
+				Csl00::access_t constexpr esdhc_csl =
+					Csu_config::SECURE_ESDHC ? Csl00::SECURE :
+					                           Csl00::UNSECURE;
+				write<Csl25::Slave_a>(esdhc_csl);
+				write<Csl25::Slave_b>(esdhc_csl);
+				write<Csl28::Slave_a>(esdhc_csl);
+				write<Csl28::Slave_b>(esdhc_csl);
 
 				/* SPDIF */
 				write<Csl29::Slave_a>(Csl00::UNSECURE);
@@ -212,10 +227,14 @@ namespace Genode {
 				write<Master::Pata>(Master::UNSECURE_UNLOCKED);
 				write<Master::Fec>(Master::UNSECURE_UNLOCKED);
 				write<Master::Dap>(Master::UNSECURE_UNLOCKED);
-				write<Master::Esdhc1>(Master::UNSECURE_UNLOCKED);
-				write<Master::Esdhc2>(Master::UNSECURE_UNLOCKED);
-				write<Master::Esdhc3>(Master::UNSECURE_UNLOCKED);
-				write<Master::Esdhc4>(Master::UNSECURE_UNLOCKED);
+
+				Master::access_t constexpr esdhc_master =
+					Csu_config::SECURE_ESDHC ? Master::SECURE_UNLOCKED :
+					                           Master::UNSECURE_UNLOCKED;
+				write<Master::Esdhc1>(esdhc_master);
+				write<Master::Esdhc2>(esdhc_master);
+				write<Master::Esdhc3>(esdhc_master);
+				write<Master::Esdhc4>(esdhc_master);
 			}
 	};
 }
diff --git a/repos/base-hw/src/core/include/spec/imx53_qsb/trustzone/csu_config.h b/repos/base-hw/src/core/include/spec/imx53_qsb/trustzone/csu_config.h
new file mode 100644
index 000000000..44d040e78
--- /dev/null
+++ b/repos/base-hw/src/core/include/spec/imx53_qsb/trustzone/csu_config.h
@@ -0,0 +1,30 @@
+/*
+ * \brief  Configuration of the Driver for the Central Security Unit
+ * \author Martin Stein
+ * \date   2015-10-30
+ */
+
+/*
+ * Copyright (C) 2015 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU General Public License version 2.
+ */
+
+#ifndef _CSU_CONFIG_H_
+#define _CSU_CONFIG_H_
+
+/**
+ * Configuration of the Driver for the Central Security Unit
+ */
+namespace Csu_config
+{
+	enum {
+		SECURE_GPIO  = 1,
+		SECURE_ESDHC = 0,
+		SECURE_UART  = 0,
+		SECURE_I2C   = 1,
+	};
+};
+
+#endif /* _CSU_CONFIG_H_ */
diff --git a/repos/base-hw/src/core/include/spec/usb_armory/csu_config.h b/repos/base-hw/src/core/include/spec/usb_armory/csu_config.h
new file mode 100644
index 000000000..27ed47303
--- /dev/null
+++ b/repos/base-hw/src/core/include/spec/usb_armory/csu_config.h
@@ -0,0 +1,30 @@
+/*
+ * \brief  Configuration of the Driver for the Central Security Unit
+ * \author Martin Stein
+ * \date   2015-10-30
+ */
+
+/*
+ * Copyright (C) 2015 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU General Public License version 2.
+ */
+
+#ifndef _CSU_CONFIG_H_
+#define _CSU_CONFIG_H_
+
+/**
+ * Configuration of the Driver for the Central Security Unit
+ */
+namespace Csu_config
+{
+	enum {
+		SECURE_GPIO  = 0,
+		SECURE_ESDHC = 1,
+		SECURE_UART  = 1,
+		SECURE_I2C   = 0,
+	};
+};
+
+#endif /* _CSU_CONFIG_H_ */
diff --git a/repos/base-hw/src/core/spec/imx53/trustzone/platform_support.cc b/repos/base-hw/src/core/spec/imx53/trustzone/platform_support.cc
index fd87e7327..342d0b72c 100644
--- a/repos/base-hw/src/core/spec/imx53/trustzone/platform_support.cc
+++ b/repos/base-hw/src/core/spec/imx53/trustzone/platform_support.cc
@@ -28,12 +28,14 @@ extern int _mon_kernel_entry;
 
 bool secure_irq(unsigned const i)
 {
+	using namespace Csu_config;
 	if (i == Board::EPIT_1_IRQ)                           return true;
 	if (i == Board::EPIT_2_IRQ)                           return true;
-	if (i == Board::I2C_2_IRQ)                            return true;
-	if (i == Board::I2C_3_IRQ)                            return true;
-	if (i >= Board::GPIO1_IRQL && i <= Board::GPIO4_IRQH) return true;
-	if (i >= Board::GPIO5_IRQL && i <= Board::GPIO7_IRQH) return true;
+	if (i == Board::I2C_2_IRQ)                            return SECURE_I2C;
+	if (i == Board::I2C_3_IRQ)                            return SECURE_I2C;
+	if (i == Board::ESDHCV2_1_IRQ)                        return SECURE_ESDHC;
+	if (i >= Board::GPIO1_IRQL && i <= Board::GPIO4_IRQH) return SECURE_GPIO;
+	if (i >= Board::GPIO5_IRQL && i <= Board::GPIO7_IRQH) return SECURE_GPIO;
 	return false;
 }