Bus-Firewalls in Device Tree: Goals

• describe firewall controllers

• describe which device is protected by which controller

• describe a new ID space to configure the firewalls

• describe domains-based firewall configurations in system device tree

Firewall Controllers

• based on the existing proposal by ST

• a node describing a firewall controller
  • there can be multiple controllers in a system
• a #firewall-cells property to define firewall-specific extra information
  • #firewall-cells can be 0
• a firewall property under each device node linking to the appropriate firewall controller

  • it links to the firewall controller protecting accesses to the device MMIO regions

    ctrl0: firewall@5c007000 {
            compatible = "st,stm32-etzpc";
            reg = <0x5c007000 0x400>;
            #firewall-cells = <2>;
            status = "okay";
    };
    
    /* ctrl0 protects accesses to foo */
    foo: foo@0 {
            firewall-names = "default", "setting1";
            firewall = <&ctrl0 1 2>;
    };

Bus Master IDs

Bus mastering devices are identified by firewalls using IDs. Their transactions are marked with a device ID. These IDs are used to configure bus-firewalls.

• We shall call these IDs "Bus Master IDs"

• We shall advertise them on device tree using a new property: bus-master-id

• bus-master-id = <&controller u32>

  foo: foo@0 {
      bus-master-id = <&ctrl0 0x12>;

System Device Tree Hardware Description Example

amba_xppu: indirect-bus@1 {
    compatible = "indirect-bus";
    #address-cells = <0x2>;
    #size-cells = <0x2>;

    lpd_xppu: xppu@ff990000 {
        compatible = "xlnx,xppu"
        #firewall-cells = <0x0>;
        reg = <0x0 0xff990000 0x0 0x1000>;
    };

    pmc_xppu: xppu@f1310000 {
        compatible = "xlnx,xppu"
        #firewall-cells = <0x0>;
        reg = <0x0 0xf1310000 0x0 0x1000>;
    };
};

cpus_r5: cpus-cluster@0 {
    #address-cells = <0x1>;
    #size-cells = <0x0>;
    #cpus-mask-cells = <0x1>;
    compatible = "cpus,cluster";

    bus-master-id = <&lpd_xppu 0x0>, <&pmc_xppu 0x0>, <&lpd_xppu 0x1>, <&pmc_xppu 0x1>;
};

amba {
    ethernet0: ethernet@ff0c0000 {
        bus-master-id = <&lpd_xppu 0x234>, <&pmc_xppu 0x234>;
        firewall = <&lpd_xppu>;
    };

    can0: can@ff060000 {
        firewall = <&lpd_xppu>;
    };

    mmc0: sdhci@f1050000 {
        bus-master-id = <&lpd_xppu 0x243>, <&pmc_xppu 0x243>;
        firewall = <&pmc_xppu>;
    };

    serial0: serial@ff000000 {
        firewall = <&lpd_xppu>;
    };
};

IOMMU Bindings

• iommus provides the same info as bus-master-id
• we lack a way to specify the slave-side connection, e.g. the firewall property

        smmu: smmu@fd800000 {
            compatible = "arm,mmu-500";
            reg = <0 0xfd800000 0 0x40000>;
            stream-match-mask = <0x7c00>;
            #iommu-cells = <1>;
        };

        gem0: ethernet@ff0c0000 {
            reg = <0 0xff0d0000 0 0x1000>;
            #stream-id-cells = <1>;
            iommus = <&smmu 0x235>;
        };

Firewalls using IOMMU bindings

• iommus provides the same info as bus-master-id
• we lack a way to specify the slave-side connection, e.g. the firewall property

    amba_xppu: indirect-bus@1 {
        compatible = "indirect-bus";
        #address-cells = <0x2>;
        #size-cells = <0x2>;

        lpd_xppu: xppu@ff990000 {
            compatible = "xlnx,xppu"
            #iommu-cells = <1>;
            /* #firewall-cells = <0x0>; */
            reg = <0x0 0xff990000 0x0 0x1000>;
        };

        pmc_xppu: xppu@f1310000 {
            compatible = "xlnx,xppu"
            #iommu-cells = <1>;
            /* #firewall-cells = <0x0>; */
            reg = <0x0 0xf1310000 0x0 0x1000>;
        };
    };

    cpus_r5: cpus-cluster@0 {
        #address-cells = <0x1>;
        #size-cells = <0x0>;
        #cpus-mask-cells = <0x1>;
        compatible = "cpus,cluster";

        iommus = <&lpd_xppu 0x0>, <&pmc_xppu 0x0>, <&lpd_xppu 0x1>, <&pmc_xppu 0x1>;
    };

    amba {
        ethernet0: ethernet@ff0c0000 {
            iommus = <&lpd_xppu 0x234>, <&pmc_xppu 0x234>;
            /* firewall = <&lpd_xppu>;  XXX */
        };

        can0: can@ff060000 {
            /* firewall = <&lpd_xppu>;  XXX */
        };

        mmc0: sdhci@f1050000 {
            iommus = <&lpd_xppu 0x243>, <&pmc_xppu 0x243>;
            /* firewall = <&pmc_xppu>;  XXX */
        };

        serial0: serial@ff000000 {
            /* firewall = <&lpd_xppu>;  XXX */
        };
    };