From 3388198a263516d774687beab0eff93226fa9b55 Mon Sep 17 00:00:00 2001 From: Michael Scire Date: Fri, 2 Mar 2018 12:45:37 -0800 Subject: [PATCH] Add coldboot mmio init (for non 4.x), required for FLOW writes to succeed. --- exosphere/src/bootup.c | 7 ++++++- exosphere/src/coldboot_init.c | 30 ++++++++++++++++++++++++++++++ exosphere/src/timers.h | 2 ++ 3 files changed, 38 insertions(+), 1 deletion(-) diff --git a/exosphere/src/bootup.c b/exosphere/src/bootup.c index 7015a9085..291c1741a 100644 --- a/exosphere/src/bootup.c +++ b/exosphere/src/bootup.c @@ -10,6 +10,7 @@ #include "se.h" #include "masterkey.h" #include "configitem.h" +#include "timers.h" #include "misc.h" void bootup_misc_mmio(void) { @@ -21,6 +22,7 @@ void bootup_misc_mmio(void) { /* TODO: se_verify_keys_unreadable(); */ se_validate_stored_vector(); + for (unsigned int i = 0; i < KEYSLOT_SWITCH_SESSIONKEY; i++) { clear_aes_keyslot(i); } @@ -32,9 +34,12 @@ void bootup_misc_mmio(void) { se_generate_random_key(KEYSLOT_SWITCH_SRKGENKEY, KEYSLOT_SWITCH_RNGKEY); se_generate_srk(KEYSLOT_SWITCH_SRKGENKEY); + /* Todo: What? */ + MAKE_TIMERS_REG(0x1A4) = 0xF1E0; + FLOW_CTLR_BPMP_CLUSTER_CONTROL_0 = 4; /* ACTIVE_CLUSTER_LOCK. */ FLOW_CTLR_FLOW_DBG_QUAL_0 = 0x10000000; /* Enable FIQ2CCPLEX */ - + /* Disable Deep Power Down. */ APBDEV_PMC_DPD_ENABLE_0 = 0; diff --git a/exosphere/src/coldboot_init.c b/exosphere/src/coldboot_init.c index c0af69d77..839b57e9f 100644 --- a/exosphere/src/coldboot_init.c +++ b/exosphere/src/coldboot_init.c @@ -122,7 +122,34 @@ uintptr_t get_coldboot_crt0_stack_address(void) { return TZRAM_GET_SEGMENT_PA(TZRAM_SEGMENT_ID_CORE3_STACK) + 0x800; } +void coldboot_init_dma_controllers(void) { + /* SYSCTR0_CNTCR_0 = ENABLE | HALT_ON_DEBUG (write-once init) */ + (*((volatile uint32_t *)(0x700F0000))) = 3; + /* AHB_MASTER_SWID_0 */ + (*((volatile uint32_t *)(0x6000C018))) = 0; + + /* AHB_MASTER_SWID_1 - Makes USB1/USB2 use SWID[1] */ + (*((volatile uint32_t *)(0x6000C038))) = 0x40040; + + /* APBDMA_CHANNEL_SWID_0 = ~0 (SWID = 1 for all APB-DMA channels) */ + (*((volatile uint32_t *)(0x6002003C))) = 0xFFFFFFFF; + + /* APBDMA_CHANNEL_SWID1_0 = 0 (See above) */ + (*((volatile uint32_t *)(0x60020054))) = 0; + + /* APBDMA_SECURITY_REG_0 = 0 (All APB-DMA channels non-secure) */ + (*((volatile uint32_t *)(0x60020038))) = 0; + + /* MSELECT_CONFIG_0 |= WRAP_TO_INCR_SLAVE0(APC) | WRAP_TO_INCR_SLAVE1(PCIe) | WRAP_TO_INCR_SLAVE2(GPU) */ + (*((volatile uint32_t *)(0x50060000))) |= 0x38000000; + + /* AHB_ARBITRATION_PRIORITY_CTRL_0 - Select high prio group with prio 7 */ + (*((volatile uint32_t *)(0x6000C008))) = 0xE0000001; + + /* AHB_GIZMO_TZRAM_0 |= DONT_SPLIT_AHB_WR */ + (*((volatile uint32_t *)(0x6000C054))) = 0x80; +} void coldboot_init(coldboot_crt0_reloc_list_t *reloc_list, boot_func_list_t *func_list) { /* Custom approach */ @@ -137,6 +164,9 @@ void coldboot_init(coldboot_crt0_reloc_list_t *reloc_list, boot_func_list_t *fun /* At this point, we can (and will) access functions located in .warm_crt0 */ translate_warmboot_func_list(reloc_list, func_list); + /* TODO: 4.x does slightly different init. How should we handle this? We can't detect master key revision yet. */ + coldboot_init_dma_controllers(); + /* TODO: initialize DMA controllers, etc. */ configure_ttbls(); func_list->funcs.set_memory_registers_enable_mmu(); diff --git a/exosphere/src/timers.h b/exosphere/src/timers.h index f7480f8d2..b70feffee 100644 --- a/exosphere/src/timers.h +++ b/exosphere/src/timers.h @@ -12,6 +12,8 @@ static inline uintptr_t get_timers_base(void) { #define TIMERS_BASE (get_timers_base()) +#define MAKE_TIMERS_REG(n) (*((volatile uint32_t *)(TIMERS_BASE + n))) + #define TIMERUS_CNTR_1US_0 (*((volatile uint32_t *)(TIMERS_BASE + 0x10))) typedef struct {