diff --git a/exosphere/src/bootup.c b/exosphere/src/bootup.c index fb710c838..26348ddb9 100644 --- a/exosphere/src/bootup.c +++ b/exosphere/src/bootup.c @@ -85,22 +85,22 @@ void bootup_misc_mmio(void) { /* Mark registers secure world only. */ /* Mark SATA_AUX, DTV, QSPI, SE, SATA, LA secure only. */ - APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG0_0 = 0x504244; + APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG0_0 = SATA_AUX | DTV | QSPI | SE | SATA | LA; /* By default, mark SPI1, SPI2, SPI3, SPI5, SPI6, I2C6 secure only. */ - uint32_t sec_disable_1 = 0x83700000; + uint32_t sec_disable_1 = SPI1 | SPI2 | SPI3 | SPI5 | SPI6 | I2C6; /* By default, mark SDMMC3, DDS, DP2 secure only. */ - uint32_t sec_disable_2 = 0x304; + uint32_t sec_disable_2 = SDMMC3 | DDS |DP2; uint64_t hardware_type = configitem_get_hardware_type(); if (hardware_type != 1) { /* Also mark I2C5 secure only, */ - sec_disable_1 |= 0x20000000; + sec_disable_1 |= I2C4; /* TODO: It says I2C5, but the previously used 0x20000000 is I2C4 */ } if (hardware_type != 0 && exosphere_get_target_firmware() >= EXOSPHERE_TARGET_FIRMWARE_400) { /* Starting on 4.x on non-dev units, mark UARTB, UARTC, SPI4, I2C3 secure only. */ - sec_disable_1 |= 0x10806000; + sec_disable_1 |= UART_B | UART_C | SPI4 | I2C3; /* Starting on 4.x on non-dev units, mark SDMMC1 secure only. */ - sec_disable_2 |= 1; + sec_disable_2 |= SDMMC1; } APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG1_0 = sec_disable_1; APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG2_0 = sec_disable_2; @@ -283,8 +283,8 @@ void identity_unmap_iram_cd_tzram(void) { void secure_additional_devices(void) { if (exosphere_get_target_firmware() >= EXOSPHERE_TARGET_FIRMWARE_400) { - APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG0_0 |= 0x2000; /* make PMC secure-only (2.x+ but see note below) */ - APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG1_0 |= 0X510; /* make MC0, MC1, MCB secure-only (4.x+) */ + APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG0_0 |= PMC; /* make PMC secure-only (2.x+ but see note below) */ + APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG1_0 |= MC0 | MC1 | MCB; /* make MC0, MC1, MCB secure-only (4.x+) */ } else { /* TODO: Detect 1.x */ } diff --git a/exosphere/src/bootup.h b/exosphere/src/bootup.h index bd6ef0a38..3c47d1a38 100644 --- a/exosphere/src/bootup.h +++ b/exosphere/src/bootup.h @@ -3,6 +3,84 @@ #include +/* APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG0_0 slaves */ +enum APB_SSER0 { + MISC_REGS = 1 << 1, /* PP, SC1x pads and GP registers */ + SATA_AUX = 1 << 2, + PINMUX_AUX = 1 << 3, + APE = 1 << 4, + + DTV = 1 << 6, + + PWM = 1 << 8, /* PWFM */ + QSPI = 1 << 9, + CSITE = 1 << 10, /* Core Site */ + RTC = 1 << 11, + + PMC = 1 << 13, + SE = 1 << 14, /* Security Engine */ + FUSE = 1 << 15, + KFUSE = 1 << 16, + + UNUSED = 1 << 18, /* reserved, unused but listed as accessible */ + + SATA = 1 << 20, + HDA = 1 << 21, + LA = 1 << 22, + ATOMICS = 1 << 23, + CEC = 1 << 24, + + STM = 1 << 29 +}; + +/* APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG1_0 slaves */ +enum APB_SSER1 { + MC0 = 1 << 4, + EMC0 = 1 << 5, + + MC1 = 1 << 8, + EMC1 = 1 << 9, + MCB = 1 << 10, + EMBC = 1 << 11, + UART_A = 1 << 12, + UART_B = 1 << 13, + UART_C = 1 << 14, + UART_D = 1 << 15, + + SPI1 = 1 << 20, + SPI2 = 1 << 21, + SPI3 = 1 << 22, + SPI4 = 1 << 23, + SPI5 = 1 << 24, + SPI6 = 1 << 25, + I2C1 = 1 << 26, + I2C2 = 1 << 27, + I2C3 = 1 << 28, + I2C4 = 1 << 29, + DVC = 1 << 30, + I2C5 = 1 << 30, + I2C6 = 1 << 31 /* this will show as negative because of the 32bit sign bit being set */ +}; + +/* APB_MISC_SECURE_REGS_APB_SLAVE_SECURITY_ENABLE_REG2_0 slaves */ +enum APB_SSER2 { + SDMMC1 = 1 << 0, + SDMMC2 = 1 << 1, + SDMMC3 = 1 << 2, + SDMMC4 = 1 << 3, + + MIPIBIF = 1 << 7, /* reserved */ + DDS = 1 << 8, + DP2 = 1 << 9, + SOC_THERM = 1 << 10, + APB2JTAG = 1 << 11, + XUSB_HOST = 1 << 12, + XUSB_DEV = 1 << 13, + XUSB_PADCTL = 1 << 14, + MIPI_CAL = 1 << 15, + DVFS = 1 << 16 +}; + void bootup_misc_mmio(void); void setup_4x_mmio(void);