hw & imx53: kernel Trustzone config for USB armory
On the USB Armory, we want to secure different devices than on other i.MX53 implementations. Thus, add a board specific configuration that is interpreted by the kernel Trustzone initialization. Ref #1497
This commit is contained in:
parent
85ba3259f8
commit
bed04f1f16
|
@ -0,0 +1,11 @@
|
||||||
|
#
|
||||||
|
# \brief Build config for parts of core that depend on Trustzone status
|
||||||
|
# \author Martin Stein
|
||||||
|
# \date 2015-10-30
|
||||||
|
#
|
||||||
|
|
||||||
|
# add include paths
|
||||||
|
INC_DIR += $(REP_DIR)/src/core/include/spec/imx53_qsb/trustzone
|
||||||
|
|
||||||
|
# include less specific configuration
|
||||||
|
include $(REP_DIR)/lib/mk/spec/imx53/core-trustzone_on.inc
|
|
@ -0,0 +1,11 @@
|
||||||
|
#
|
||||||
|
# \brief Build config for parts of core that depend on Trustzone status
|
||||||
|
# \author Martin Stein
|
||||||
|
# \date 2015-10-30
|
||||||
|
#
|
||||||
|
|
||||||
|
# add include paths
|
||||||
|
INC_DIR += $(REP_DIR)/src/core/include/spec/usb_armory
|
||||||
|
|
||||||
|
# include less specific configuration
|
||||||
|
include $(REP_DIR)/lib/mk/spec/imx53/core-trustzone_on.inc
|
|
@ -18,6 +18,9 @@
|
||||||
#include <util/mmio.h>
|
#include <util/mmio.h>
|
||||||
#include <util/register.h>
|
#include <util/register.h>
|
||||||
|
|
||||||
|
/* core includes */
|
||||||
|
#include <csu_config.h>
|
||||||
|
|
||||||
namespace Genode {
|
namespace Genode {
|
||||||
|
|
||||||
class Csu : Mmio
|
class Csu : Mmio
|
||||||
|
@ -115,17 +118,23 @@ namespace Genode {
|
||||||
write<Csl04::Slave_a>(Csl00::UNSECURE);
|
write<Csl04::Slave_a>(Csl00::UNSECURE);
|
||||||
|
|
||||||
/* UART 1-5 */
|
/* UART 1-5 */
|
||||||
write<Csl07::Slave_b>(Csl00::UNSECURE);
|
Csl00::access_t constexpr uart_csl =
|
||||||
write<Csl08::Slave_a>(Csl00::UNSECURE);
|
Csu_config::SECURE_UART ? Csl00::SECURE :
|
||||||
write<Csl26::Slave_a>(Csl00::UNSECURE);
|
Csl00::UNSECURE;
|
||||||
write<Csl30::Slave_b>(Csl00::UNSECURE);
|
write<Csl07::Slave_b>(uart_csl);
|
||||||
write<Csl19::Slave_a>(Csl00::UNSECURE);
|
write<Csl08::Slave_a>(uart_csl);
|
||||||
|
write<Csl26::Slave_a>(uart_csl);
|
||||||
|
write<Csl30::Slave_b>(uart_csl);
|
||||||
|
write<Csl19::Slave_a>(uart_csl);
|
||||||
|
|
||||||
/* GPIO */
|
/* GPIO */
|
||||||
write<Csl00::Slave_b>(Csl00::SECURE);
|
Csl00::access_t constexpr gpio_csl =
|
||||||
write<Csl01::Slave_a>(Csl00::SECURE);
|
Csu_config::SECURE_GPIO ? Csl00::SECURE :
|
||||||
write<Csl01::Slave_b>(Csl00::SECURE);
|
Csl00::UNSECURE;
|
||||||
write<Csl02::Slave_a>(Csl00::SECURE);
|
write<Csl00::Slave_b>(gpio_csl);
|
||||||
|
write<Csl01::Slave_a>(gpio_csl);
|
||||||
|
write<Csl01::Slave_b>(gpio_csl);
|
||||||
|
write<Csl02::Slave_a>(gpio_csl);
|
||||||
|
|
||||||
/* IOMUXC TODO */
|
/* IOMUXC TODO */
|
||||||
write<Csl05::Slave_a>(Csl00::UNSECURE);
|
write<Csl05::Slave_a>(Csl00::UNSECURE);
|
||||||
|
@ -140,9 +149,12 @@ namespace Genode {
|
||||||
write<Csl22::Slave_b>(Csl00::SECURE);
|
write<Csl22::Slave_b>(Csl00::SECURE);
|
||||||
|
|
||||||
/* I2C */
|
/* I2C */
|
||||||
write<Csl18::Slave_a>(Csl00::SECURE);
|
Csl00::access_t constexpr i2c_csl =
|
||||||
write<Csl17::Slave_b>(Csl00::SECURE);
|
Csu_config::SECURE_I2C ? Csl00::SECURE :
|
||||||
write<Csl31::Slave_a>(Csl00::SECURE);
|
Csl00::UNSECURE;
|
||||||
|
write<Csl18::Slave_a>(i2c_csl);
|
||||||
|
write<Csl17::Slave_b>(i2c_csl);
|
||||||
|
write<Csl31::Slave_a>(i2c_csl);
|
||||||
|
|
||||||
/* IPU */
|
/* IPU */
|
||||||
write<Csl24::Slave_a>(Csl00::SECURE);
|
write<Csl24::Slave_a>(Csl00::SECURE);
|
||||||
|
@ -157,10 +169,13 @@ namespace Genode {
|
||||||
write<Csl22::Slave_a>(Csl00::UNSECURE);
|
write<Csl22::Slave_a>(Csl00::UNSECURE);
|
||||||
|
|
||||||
/* SDHCI 1-4 */
|
/* SDHCI 1-4 */
|
||||||
write<Csl25::Slave_a>(Csl00::UNSECURE);
|
Csl00::access_t constexpr esdhc_csl =
|
||||||
write<Csl25::Slave_b>(Csl00::UNSECURE);
|
Csu_config::SECURE_ESDHC ? Csl00::SECURE :
|
||||||
write<Csl28::Slave_a>(Csl00::UNSECURE);
|
Csl00::UNSECURE;
|
||||||
write<Csl28::Slave_b>(Csl00::UNSECURE);
|
write<Csl25::Slave_a>(esdhc_csl);
|
||||||
|
write<Csl25::Slave_b>(esdhc_csl);
|
||||||
|
write<Csl28::Slave_a>(esdhc_csl);
|
||||||
|
write<Csl28::Slave_b>(esdhc_csl);
|
||||||
|
|
||||||
/* SPDIF */
|
/* SPDIF */
|
||||||
write<Csl29::Slave_a>(Csl00::UNSECURE);
|
write<Csl29::Slave_a>(Csl00::UNSECURE);
|
||||||
|
@ -212,10 +227,14 @@ namespace Genode {
|
||||||
write<Master::Pata>(Master::UNSECURE_UNLOCKED);
|
write<Master::Pata>(Master::UNSECURE_UNLOCKED);
|
||||||
write<Master::Fec>(Master::UNSECURE_UNLOCKED);
|
write<Master::Fec>(Master::UNSECURE_UNLOCKED);
|
||||||
write<Master::Dap>(Master::UNSECURE_UNLOCKED);
|
write<Master::Dap>(Master::UNSECURE_UNLOCKED);
|
||||||
write<Master::Esdhc1>(Master::UNSECURE_UNLOCKED);
|
|
||||||
write<Master::Esdhc2>(Master::UNSECURE_UNLOCKED);
|
Master::access_t constexpr esdhc_master =
|
||||||
write<Master::Esdhc3>(Master::UNSECURE_UNLOCKED);
|
Csu_config::SECURE_ESDHC ? Master::SECURE_UNLOCKED :
|
||||||
write<Master::Esdhc4>(Master::UNSECURE_UNLOCKED);
|
Master::UNSECURE_UNLOCKED;
|
||||||
|
write<Master::Esdhc1>(esdhc_master);
|
||||||
|
write<Master::Esdhc2>(esdhc_master);
|
||||||
|
write<Master::Esdhc3>(esdhc_master);
|
||||||
|
write<Master::Esdhc4>(esdhc_master);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
/*
|
||||||
|
* \brief Configuration of the Driver for the Central Security Unit
|
||||||
|
* \author Martin Stein
|
||||||
|
* \date 2015-10-30
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2015 Genode Labs GmbH
|
||||||
|
*
|
||||||
|
* This file is part of the Genode OS framework, which is distributed
|
||||||
|
* under the terms of the GNU General Public License version 2.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _CSU_CONFIG_H_
|
||||||
|
#define _CSU_CONFIG_H_
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configuration of the Driver for the Central Security Unit
|
||||||
|
*/
|
||||||
|
namespace Csu_config
|
||||||
|
{
|
||||||
|
enum {
|
||||||
|
SECURE_GPIO = 1,
|
||||||
|
SECURE_ESDHC = 0,
|
||||||
|
SECURE_UART = 0,
|
||||||
|
SECURE_I2C = 1,
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif /* _CSU_CONFIG_H_ */
|
|
@ -0,0 +1,30 @@
|
||||||
|
/*
|
||||||
|
* \brief Configuration of the Driver for the Central Security Unit
|
||||||
|
* \author Martin Stein
|
||||||
|
* \date 2015-10-30
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2015 Genode Labs GmbH
|
||||||
|
*
|
||||||
|
* This file is part of the Genode OS framework, which is distributed
|
||||||
|
* under the terms of the GNU General Public License version 2.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _CSU_CONFIG_H_
|
||||||
|
#define _CSU_CONFIG_H_
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configuration of the Driver for the Central Security Unit
|
||||||
|
*/
|
||||||
|
namespace Csu_config
|
||||||
|
{
|
||||||
|
enum {
|
||||||
|
SECURE_GPIO = 0,
|
||||||
|
SECURE_ESDHC = 1,
|
||||||
|
SECURE_UART = 1,
|
||||||
|
SECURE_I2C = 0,
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif /* _CSU_CONFIG_H_ */
|
|
@ -28,12 +28,14 @@ extern int _mon_kernel_entry;
|
||||||
|
|
||||||
bool secure_irq(unsigned const i)
|
bool secure_irq(unsigned const i)
|
||||||
{
|
{
|
||||||
|
using namespace Csu_config;
|
||||||
if (i == Board::EPIT_1_IRQ) return true;
|
if (i == Board::EPIT_1_IRQ) return true;
|
||||||
if (i == Board::EPIT_2_IRQ) return true;
|
if (i == Board::EPIT_2_IRQ) return true;
|
||||||
if (i == Board::I2C_2_IRQ) return true;
|
if (i == Board::I2C_2_IRQ) return SECURE_I2C;
|
||||||
if (i == Board::I2C_3_IRQ) return true;
|
if (i == Board::I2C_3_IRQ) return SECURE_I2C;
|
||||||
if (i >= Board::GPIO1_IRQL && i <= Board::GPIO4_IRQH) return true;
|
if (i == Board::ESDHCV2_1_IRQ) return SECURE_ESDHC;
|
||||||
if (i >= Board::GPIO5_IRQL && i <= Board::GPIO7_IRQH) return true;
|
if (i >= Board::GPIO1_IRQL && i <= Board::GPIO4_IRQH) return SECURE_GPIO;
|
||||||
|
if (i >= Board::GPIO5_IRQL && i <= Board::GPIO7_IRQH) return SECURE_GPIO;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue