From d06edabfd14e0d196139fb1c780017f34366ae0d Mon Sep 17 00:00:00 2001 From: Chungying Lu Date: Wed, 12 Jul 2023 16:09:49 +0800 Subject: [PATCH] feat(mt8188): modify APU DAPC permission We limited the r/w permission of some register groups for security concerns. These regitser groups should not be accessed by domain 3 or domain 5. Change-Id: I2188da88d9e10a931d87bda14dc7dca46633dcd8 Signed-off-by: Chungying Lu --- .../drivers/apusys/devapc/apusys_dapc_v1.h | 15 --------------- .../drivers/apusys/mt8188/apusys_devapc_def.h | 12 ++++++------ 2 files changed, 6 insertions(+), 21 deletions(-) diff --git a/plat/mediatek/drivers/apusys/devapc/apusys_dapc_v1.h b/plat/mediatek/drivers/apusys/devapc/apusys_dapc_v1.h index 2f5d47ba2..1b77942f2 100644 --- a/plat/mediatek/drivers/apusys/devapc/apusys_dapc_v1.h +++ b/plat/mediatek/drivers/apusys/devapc/apusys_dapc_v1.h @@ -155,19 +155,4 @@ void dump_apusys_dapc_v1(const char *name, uintptr_t base, uint32_t reg_num, uin FORBIDDEN, NO_PROTECTION, FORBIDDEN, FORBIDDEN, \ FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, \ FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN) - -#define SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT_D3_SEC_RW(domain) \ - APUSYS_APC_AO_ATTR(domain, \ - NO_PROTECTION, FORBIDDEN, FORBIDDEN, SEC_RW_ONLY, \ - FORBIDDEN, NO_PROTECTION, FORBIDDEN, FORBIDDEN, \ - FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, \ - FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN) - -#define SLAVE_FORBID_EXCEPT_D0_D3_SEC_RW_D5_NO_PROTECT(domain) \ - APUSYS_APC_AO_ATTR(domain, \ - SEC_RW_ONLY, FORBIDDEN, FORBIDDEN, SEC_RW_ONLY, \ - FORBIDDEN, NO_PROTECTION, FORBIDDEN, FORBIDDEN, \ - FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN, \ - FORBIDDEN, FORBIDDEN, FORBIDDEN, FORBIDDEN) - #endif /* APUSYS_DAPC_V1_H */ diff --git a/plat/mediatek/drivers/apusys/mt8188/apusys_devapc_def.h b/plat/mediatek/drivers/apusys/mt8188/apusys_devapc_def.h index e74b02277..47a2a9414 100644 --- a/plat/mediatek/drivers/apusys/mt8188/apusys_devapc_def.h +++ b/plat/mediatek/drivers/apusys/mt8188/apusys_devapc_def.h @@ -29,14 +29,14 @@ #define SLAVE_AO_BCRM SLAVE_FORBID_EXCEPT_D5_NO_PROTECT #define SLAVE_AO_DAPC_WRAP SLAVE_FORBID_EXCEPT_D5_NO_PROTECT #define SLAVE_AO_DAPC_CON SLAVE_FORBID_EXCEPT_D0_SEC_RW_D5_NO_PROTECT -#define SLAVE_RCX_ACX_BULK SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT_D3_SEC_RW -#define SLAVE_ACX0_BCRM SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT_D3_SEC_RW +#define SLAVE_RCX_ACX_BULK SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT +#define SLAVE_ACX0_BCRM SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT #define SLAVE_RPCTOP_LITE_ACX0 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT -#define SLAVE_ACX1_BCRM SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT_D3_SEC_RW +#define SLAVE_ACX1_BCRM SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT #define SLAVE_RPCTOP_LITE_ACX1 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT -#define SLAVE_RCX_TO_ACX0_0 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT_D3_SEC_RW +#define SLAVE_RCX_TO_ACX0_0 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT #define SLAVE_RCX_TO_ACX0_1 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT -#define SLAVE_SAE_TO_ACX0_0 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT_D3_SEC_RW +#define SLAVE_SAE_TO_ACX0_0 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT #define SLAVE_SAE_TO_ACX0_1 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT #define SLAVE_RCX_TO_ACX1_0 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT #define SLAVE_RCX_TO_ACX1_1 SLAVE_FORBID_EXCEPT_D0_D5_NO_PROTECT @@ -79,7 +79,7 @@ #define SLAVE_SENSOR_WRAP_ACX1_DLA1 SLAVE_FORBID_EXCEPT_D5_NO_PROTECT #define SLAVE_SENSOR_WRAP_ACX1_VPU0 SLAVE_FORBID_EXCEPT_D5_NO_PROTECT #define SLAVE_REVISER SLAVE_FORBID_EXCEPT_D0_SEC_RW -#define SLAVE_NOC SLAVE_FORBID_EXCEPT_D0_D3_SEC_RW_D5_NO_PROTECT +#define SLAVE_NOC SLAVE_FORBID_EXCEPT_D0_SEC_RW #define SLAVE_BCRM SLAVE_FORBID_EXCEPT_D5_NO_PROTECT #define SLAVE_DAPC_WRAP SLAVE_FORBID_EXCEPT_D5_NO_PROTECT #define SLAVE_DAPC_CON SLAVE_FORBID_EXCEPT_D0_SEC_RW_D5_NO_PROTECT