Add firewall configurations to protect ATF and OP-TEE memory regions from non-secure read's and write's in Verdin AM62P board.
Signed-off-by: Suhaas Joshi <[email protected]> --- .../dts/k3-am62p5-verdin-wifi-dev-binman.dtsi | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/arch/arm/dts/k3-am62p5-verdin-wifi-dev-binman.dtsi b/arch/arm/dts/k3-am62p5-verdin-wifi-dev-binman.dtsi index 57ce3c0b41c..b46e871ef8a 100644 --- a/arch/arm/dts/k3-am62p5-verdin-wifi-dev-binman.dtsi +++ b/arch/arm/dts/k3-am62p5-verdin-wifi-dev-binman.dtsi @@ -159,6 +159,38 @@ fit { images { + atf { + ti-secure { + auth-in-place = <0xa02>; + + firewall-1-0 { + insert-template = <&firewall_bg_3>; + id = <1>; + region = <0>; + }; + + firewall-1-1 { + insert-template = <&firewall_armv8_atf_fg>; + id = <1>; + region = <1>; + }; + + }; + }; + + tee { + ti-secure { + auth-in-place = <0xa02>; + + firewall-1-2 { + insert-template = <&firewall_armv8_optee_fg>; + id = <1>; + region = <2>; + }; + + }; + }; + tifsstub-hs { description = "TIFSSTUB"; type = "firmware"; -- 2.34.1
