[PATCH v1 6/9] ddr: altera: soc64: Add secure region support for ATF flow
alif.zakuan.yuslaimi at altera.com
alif.zakuan.yuslaimi at altera.com
Fri Apr 3 04:25:10 CEST 2026
From: Alif Zakuan Yuslaimi <alif.zakuan.yuslaimi at altera.com>
Setting up firewall regions based on SDRAM memory banks configuration
(up to CONFIG_NR_DRAM_BANKS banks) instead of using whole address space.
First 1 MiB (0 to 0xfffff) of SDRAM is configured as secure region,
other address spaces are non-secure regions. The ARM Trusted Firmware (ATF)
image is located in this first 1 MiB memory region. So, this can prevent
software executing at non-secure state EL0-EL2 and non-secure masters
access to secure region.
Add common function for firewall setup and reuse for all SoC64 devices.
Signed-off-by: Alif Zakuan Yuslaimi <alif.zakuan.yuslaimi at altera.com>
---
drivers/ddr/altera/sdram_s10.c | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/drivers/ddr/altera/sdram_s10.c b/drivers/ddr/altera/sdram_s10.c
index 1497a8e4aab..aed53ae58eb 100644
--- a/drivers/ddr/altera/sdram_s10.c
+++ b/drivers/ddr/altera/sdram_s10.c
@@ -78,20 +78,6 @@ int sdram_mmr_init_full(struct udevice *dev)
phys_size_t hw_size;
struct bd_info bd = {0};
- /* this enables nonsecure access to DDR */
- /* mpuregion0addr_limit */
- FW_MPU_DDR_SCR_WRITEL(0xFFFF0000, FW_MPU_DDR_SCR_MPUREGION0ADDR_LIMIT);
- FW_MPU_DDR_SCR_WRITEL(0x1F, FW_MPU_DDR_SCR_MPUREGION0ADDR_LIMITEXT);
-
- /* nonmpuregion0addr_limit */
- FW_MPU_DDR_SCR_WRITEL(0xFFFF0000,
- FW_MPU_DDR_SCR_NONMPUREGION0ADDR_LIMIT);
- FW_MPU_DDR_SCR_WRITEL(0x1F, FW_MPU_DDR_SCR_NONMPUREGION0ADDR_LIMITEXT);
-
- /* Enable mpuregion0enable and nonmpuregion0enable */
- FW_MPU_DDR_SCR_WRITEL(MPUREGION0_ENABLE | NONMPUREGION0_ENABLE,
- FW_MPU_DDR_SCR_EN_SET);
-
/* Ensure HMC clock is running */
if (poll_hmc_clock_status()) {
puts("DDR: Error as HMC clock not running\n");
@@ -284,6 +270,8 @@ int sdram_mmr_init_full(struct udevice *dev)
sdram_size_check(&bd);
+ sdram_set_firewall(&bd);
+
priv->info.base = bd.bi_dram[0].start;
priv->info.size = gd->ram_size;
--
2.43.7
More information about the U-Boot
mailing list