* [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled
@ 2017-01-20 11:40 Bhupesh Sharma
2017-01-26 14:36 ` Leif Lindholm
0 siblings, 1 reply; 6+ messages in thread
From: Bhupesh Sharma @ 2017-01-20 11:40 UTC (permalink / raw)
To: edk2-devel; +Cc: bhupesh.linux, Leif Lindholm, Ard Biesheuvel
ARM TZASC-380 IP provides a mechanism to split memory regions being
protected via it into eight equal-sized sub-regions. A bit-setting
allows the corresponding subregion to be disabled.
Several NXP/FSL SoCs support the TZASC-380 IP block and allow
the DDR connected via the TZASC to be partitioned into regions
having different security settings and also allow subregions
to be disabled.
This patch enables this support and can be used for SoCs which
support such a partition of DDR regions.
Details of the 'subregion_disable' register can be viewed here:
http://infocenter.arm.com/help/topic/com.arm.doc.ddi0431c/CHDIGDCI.html
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
[bhupesh.linux@gmail.com : Added my gmail ID as the NXP one is no longer valid]
Signed-off-by: Bhupesh Sharma <bhupesh.linux@gmail.com>
---
Changes from v2:
- Added more descriptive arrays as suggested by Leif
.../Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c | 14 +++++++-------
ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c | 13 ++++++++++---
ArmPlatformPkg/Include/Drivers/ArmTrustzone.h | 19 ++++++++++++++++++-
3 files changed, 35 insertions(+), 11 deletions(-)
diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
index 6fa0774f59f8..42d731ea98c9 100644
--- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
+++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
@@ -72,18 +72,18 @@ ArmPlatformSecTrustzoneInit (
// NOR Flash 0 non secure (BootMon)
TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
ARM_VE_SMB_NOR0_BASE,0,
- TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
// NOR Flash 1. The first half of the NOR Flash1 must be secure for the secure firmware (sec_uefi.bin)
if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {
//Note: Your OS Kernel must be aware of the secure regions before to enable this region
TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
- TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
} else {
TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
ARM_VE_SMB_NOR1_BASE,0,
- TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
}
// Base of SRAM. Only half of SRAM in Non Secure world
@@ -92,22 +92,22 @@ ArmPlatformSecTrustzoneInit (
//Note: Your OS Kernel must be aware of the secure regions before to enable this region
TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
ARM_VE_SMB_SRAM_BASE,0,
- TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW, 0);
} else {
TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
ARM_VE_SMB_SRAM_BASE,0,
- TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
}
// Memory Mapped Peripherals. All in non secure world
TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
ARM_VE_SMB_PERIPH_BASE,0,
- TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
// MotherBoard Peripherals and On-chip peripherals.
TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
- TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
+ TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW, 0);
}
/**
diff --git a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
index 070c0dcb5d4d..1f002198e552 100644
--- a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
+++ b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
@@ -87,20 +87,27 @@ TZASCSetRegion (
IN UINTN LowAddress,
IN UINTN HighAddress,
IN UINTN Size,
- IN UINTN Security
+ IN UINTN Security,
+ IN UINTN SubregionDisableMask
)
{
UINT32* Region;
+ UINT32 RegionAttributes;
if (RegionId > TZASCGetNumRegions(TzascBase)) {
return EFI_INVALID_PARAMETER;
}
+ RegionAttributes = TZASC_REGION_ATTR_SECURITY(Security) |
+ TZASC_REGION_ATTR_SUBREG_DISABLE(SubregionDisableMask) |
+ TZASC_REGION_ATTR_SIZE(Size) |
+ TZASC_REGION_ATTR_ENABLE(Enabled);
+
Region = (UINT32*)((UINTN)TzascBase + TZASC_REGIONS_REG + (RegionId * 0x10));
- MmioWrite32((UINTN)(Region), LowAddress&0xFFFF8000);
+ MmioWrite32((UINTN)(Region), TZASC_REGION_SETUP_LO_ADDR(LowAddress));
MmioWrite32((UINTN)(Region+1), HighAddress);
- MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) | ((Size & 0x3F) << 1) | (Enabled & 0x1));
+ MmioWrite32((UINTN)(Region+2), RegionAttributes);
return EFI_SUCCESS;
}
diff --git a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
index 78e98aad535f..827b5cd568c1 100644
--- a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
+++ b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
@@ -71,6 +71,22 @@ TZPCClearDecProtBits (
#define TZASC_REGION_SECURITY_NSW 1
#define TZASC_REGION_SECURITY_NSRW (TZASC_REGION_SECURITY_NSR|TZASC_REGION_SECURITY_NSW)
+/* Some useful masks */
+#define TZASC_REGION_SETUP_LO_ADDR_MASK 0xFFFF8000
+
+#define TZASC_REGION_ATTR_SECURITY_MASK 0xF
+#define TZASC_REGION_ATTR_SUBREG_DIS_MASK 0xFF
+#define TZASC_REGION_ATTR_SIZE_MASK 0x3F
+#define TZASC_REGION_ATTR_EN_MASK 0x1
+
+#define TZASC_REGION_SETUP_LO_ADDR(x) ((x) & TZASC_REGION_SETUP_LO_ADDR_MASK)
+
+#define TZASC_REGION_ATTR_SECURITY(x) (((x) & TZASC_REGION_ATTR_SECURITY_MASK) << 28)
+#define TZASC_REGION_ATTR_SUBREG_DISABLE(x) \
+ (((x) & TZASC_REGION_ATTR_SUBREG_DIS_MASK) << 8)
+#define TZASC_REGION_ATTR_SIZE(x) (((x) & TZASC_REGION_ATTR_SIZE_MASK) << 1)
+#define TZASC_REGION_ATTR_ENABLE(x) ((x) & TZASC_REGION_ATTR_EN_MASK)
+
/**
FIXME: Need documentation
**/
@@ -82,7 +98,8 @@ TZASCSetRegion (
IN UINTN LowAddress,
IN UINTN HighAddress,
IN UINTN Size,
- IN UINTN Security
+ IN UINTN Security,
+ IN UINTN SubregionDisableMask
);
#endif
--
2.7.4
^ permalink raw reply related [flat|nested] 6+ messages in thread* Re: [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled
2017-01-20 11:40 [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled Bhupesh Sharma
@ 2017-01-26 14:36 ` Leif Lindholm
2017-01-29 15:55 ` Bhupesh SHARMA
2017-01-31 9:48 ` Ryan Harkin
0 siblings, 2 replies; 6+ messages in thread
From: Leif Lindholm @ 2017-01-26 14:36 UTC (permalink / raw)
To: Bhupesh Sharma; +Cc: edk2-devel, Ard Biesheuvel
On Fri, Jan 20, 2017 at 05:10:45PM +0530, Bhupesh Sharma wrote:
> ARM TZASC-380 IP provides a mechanism to split memory regions being
> protected via it into eight equal-sized sub-regions. A bit-setting
> allows the corresponding subregion to be disabled.
>
> Several NXP/FSL SoCs support the TZASC-380 IP block and allow
> the DDR connected via the TZASC to be partitioned into regions
> having different security settings and also allow subregions
> to be disabled.
>
> This patch enables this support and can be used for SoCs which
> support such a partition of DDR regions.
>
> Details of the 'subregion_disable' register can be viewed here:
> http://infocenter.arm.com/help/topic/com.arm.doc.ddi0431c/CHDIGDCI.html
>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
> [bhupesh.linux@gmail.com : Added my gmail ID as the NXP one is no longer valid]
> Signed-off-by: Bhupesh Sharma <bhupesh.linux@gmail.com>
Thanks for the cleanup.
I may actually delete that CTA9x4 lib once your platform gets in...
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Pushed as 465663e.
> ---
> Changes from v2:
> - Added more descriptive arrays as suggested by Leif
>
> .../Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c | 14 +++++++-------
> ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c | 13 ++++++++++---
> ArmPlatformPkg/Include/Drivers/ArmTrustzone.h | 19 ++++++++++++++++++-
> 3 files changed, 35 insertions(+), 11 deletions(-)
>
> diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
> index 6fa0774f59f8..42d731ea98c9 100644
> --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
> +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
> @@ -72,18 +72,18 @@ ArmPlatformSecTrustzoneInit (
> // NOR Flash 0 non secure (BootMon)
> TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
> ARM_VE_SMB_NOR0_BASE,0,
> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>
> // NOR Flash 1. The first half of the NOR Flash1 must be secure for the secure firmware (sec_uefi.bin)
> if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {
> //Note: Your OS Kernel must be aware of the secure regions before to enable this region
> TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
> ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
> - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
> } else {
> TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
> ARM_VE_SMB_NOR1_BASE,0,
> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
> }
>
> // Base of SRAM. Only half of SRAM in Non Secure world
> @@ -92,22 +92,22 @@ ArmPlatformSecTrustzoneInit (
> //Note: Your OS Kernel must be aware of the secure regions before to enable this region
> TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
> ARM_VE_SMB_SRAM_BASE,0,
> - TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW, 0);
> } else {
> TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
> ARM_VE_SMB_SRAM_BASE,0,
> - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
> }
>
> // Memory Mapped Peripherals. All in non secure world
> TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
> ARM_VE_SMB_PERIPH_BASE,0,
> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>
> // MotherBoard Peripherals and On-chip peripherals.
> TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
> ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
> - TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
> + TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW, 0);
> }
>
> /**
> diff --git a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> index 070c0dcb5d4d..1f002198e552 100644
> --- a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> +++ b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> @@ -87,20 +87,27 @@ TZASCSetRegion (
> IN UINTN LowAddress,
> IN UINTN HighAddress,
> IN UINTN Size,
> - IN UINTN Security
> + IN UINTN Security,
> + IN UINTN SubregionDisableMask
> )
> {
> UINT32* Region;
> + UINT32 RegionAttributes;
>
> if (RegionId > TZASCGetNumRegions(TzascBase)) {
> return EFI_INVALID_PARAMETER;
> }
>
> + RegionAttributes = TZASC_REGION_ATTR_SECURITY(Security) |
> + TZASC_REGION_ATTR_SUBREG_DISABLE(SubregionDisableMask) |
> + TZASC_REGION_ATTR_SIZE(Size) |
> + TZASC_REGION_ATTR_ENABLE(Enabled);
> +
> Region = (UINT32*)((UINTN)TzascBase + TZASC_REGIONS_REG + (RegionId * 0x10));
>
> - MmioWrite32((UINTN)(Region), LowAddress&0xFFFF8000);
> + MmioWrite32((UINTN)(Region), TZASC_REGION_SETUP_LO_ADDR(LowAddress));
> MmioWrite32((UINTN)(Region+1), HighAddress);
> - MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) | ((Size & 0x3F) << 1) | (Enabled & 0x1));
> + MmioWrite32((UINTN)(Region+2), RegionAttributes);
>
> return EFI_SUCCESS;
> }
> diff --git a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> index 78e98aad535f..827b5cd568c1 100644
> --- a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> +++ b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> @@ -71,6 +71,22 @@ TZPCClearDecProtBits (
> #define TZASC_REGION_SECURITY_NSW 1
> #define TZASC_REGION_SECURITY_NSRW (TZASC_REGION_SECURITY_NSR|TZASC_REGION_SECURITY_NSW)
>
> +/* Some useful masks */
> +#define TZASC_REGION_SETUP_LO_ADDR_MASK 0xFFFF8000
> +
> +#define TZASC_REGION_ATTR_SECURITY_MASK 0xF
> +#define TZASC_REGION_ATTR_SUBREG_DIS_MASK 0xFF
> +#define TZASC_REGION_ATTR_SIZE_MASK 0x3F
> +#define TZASC_REGION_ATTR_EN_MASK 0x1
> +
> +#define TZASC_REGION_SETUP_LO_ADDR(x) ((x) & TZASC_REGION_SETUP_LO_ADDR_MASK)
> +
> +#define TZASC_REGION_ATTR_SECURITY(x) (((x) & TZASC_REGION_ATTR_SECURITY_MASK) << 28)
> +#define TZASC_REGION_ATTR_SUBREG_DISABLE(x) \
> + (((x) & TZASC_REGION_ATTR_SUBREG_DIS_MASK) << 8)
> +#define TZASC_REGION_ATTR_SIZE(x) (((x) & TZASC_REGION_ATTR_SIZE_MASK) << 1)
> +#define TZASC_REGION_ATTR_ENABLE(x) ((x) & TZASC_REGION_ATTR_EN_MASK)
> +
> /**
> FIXME: Need documentation
> **/
> @@ -82,7 +98,8 @@ TZASCSetRegion (
> IN UINTN LowAddress,
> IN UINTN HighAddress,
> IN UINTN Size,
> - IN UINTN Security
> + IN UINTN Security,
> + IN UINTN SubregionDisableMask
> );
>
> #endif
> --
> 2.7.4
>
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled
2017-01-26 14:36 ` Leif Lindholm
@ 2017-01-29 15:55 ` Bhupesh SHARMA
2017-01-31 9:48 ` Ryan Harkin
1 sibling, 0 replies; 6+ messages in thread
From: Bhupesh SHARMA @ 2017-01-29 15:55 UTC (permalink / raw)
To: Leif Lindholm; +Cc: edk2-devel, Ard Biesheuvel
On Thu, Jan 26, 2017 at 8:06 PM, Leif Lindholm <leif.lindholm@linaro.org> wrote:
> On Fri, Jan 20, 2017 at 05:10:45PM +0530, Bhupesh Sharma wrote:
>> ARM TZASC-380 IP provides a mechanism to split memory regions being
>> protected via it into eight equal-sized sub-regions. A bit-setting
>> allows the corresponding subregion to be disabled.
>>
>> Several NXP/FSL SoCs support the TZASC-380 IP block and allow
>> the DDR connected via the TZASC to be partitioned into regions
>> having different security settings and also allow subregions
>> to be disabled.
>>
>> This patch enables this support and can be used for SoCs which
>> support such a partition of DDR regions.
>>
>> Details of the 'subregion_disable' register can be viewed here:
>> http://infocenter.arm.com/help/topic/com.arm.doc.ddi0431c/CHDIGDCI.html
>>
>> Cc: Leif Lindholm <leif.lindholm@linaro.org>
>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
>> [bhupesh.linux@gmail.com : Added my gmail ID as the NXP one is no longer valid]
>> Signed-off-by: Bhupesh Sharma <bhupesh.linux@gmail.com>
>
> Thanks for the cleanup.
> I may actually delete that CTA9x4 lib once your platform gets in...
>
> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
>
> Pushed as 465663e.
Many thanks Leif.
Regards,
Bhupesh
>> ---
>> Changes from v2:
>> - Added more descriptive arrays as suggested by Leif
>>
>> .../Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c | 14 +++++++-------
>> ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c | 13 ++++++++++---
>> ArmPlatformPkg/Include/Drivers/ArmTrustzone.h | 19 ++++++++++++++++++-
>> 3 files changed, 35 insertions(+), 11 deletions(-)
>>
>> diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
>> index 6fa0774f59f8..42d731ea98c9 100644
>> --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
>> +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
>> @@ -72,18 +72,18 @@ ArmPlatformSecTrustzoneInit (
>> // NOR Flash 0 non secure (BootMon)
>> TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_NOR0_BASE,0,
>> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>>
>> // NOR Flash 1. The first half of the NOR Flash1 must be secure for the secure firmware (sec_uefi.bin)
>> if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {
>> //Note: Your OS Kernel must be aware of the secure regions before to enable this region
>> TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
>> - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
>> } else {
>> TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_NOR1_BASE,0,
>> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>> }
>>
>> // Base of SRAM. Only half of SRAM in Non Secure world
>> @@ -92,22 +92,22 @@ ArmPlatformSecTrustzoneInit (
>> //Note: Your OS Kernel must be aware of the secure regions before to enable this region
>> TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_SRAM_BASE,0,
>> - TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW, 0);
>> } else {
>> TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_SRAM_BASE,0,
>> - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
>> }
>>
>> // Memory Mapped Peripherals. All in non secure world
>> TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_PERIPH_BASE,0,
>> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>>
>> // MotherBoard Peripherals and On-chip peripherals.
>> TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
>> - TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW, 0);
>> }
>>
>> /**
>> diff --git a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
>> index 070c0dcb5d4d..1f002198e552 100644
>> --- a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
>> +++ b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
>> @@ -87,20 +87,27 @@ TZASCSetRegion (
>> IN UINTN LowAddress,
>> IN UINTN HighAddress,
>> IN UINTN Size,
>> - IN UINTN Security
>> + IN UINTN Security,
>> + IN UINTN SubregionDisableMask
>> )
>> {
>> UINT32* Region;
>> + UINT32 RegionAttributes;
>>
>> if (RegionId > TZASCGetNumRegions(TzascBase)) {
>> return EFI_INVALID_PARAMETER;
>> }
>>
>> + RegionAttributes = TZASC_REGION_ATTR_SECURITY(Security) |
>> + TZASC_REGION_ATTR_SUBREG_DISABLE(SubregionDisableMask) |
>> + TZASC_REGION_ATTR_SIZE(Size) |
>> + TZASC_REGION_ATTR_ENABLE(Enabled);
>> +
>> Region = (UINT32*)((UINTN)TzascBase + TZASC_REGIONS_REG + (RegionId * 0x10));
>>
>> - MmioWrite32((UINTN)(Region), LowAddress&0xFFFF8000);
>> + MmioWrite32((UINTN)(Region), TZASC_REGION_SETUP_LO_ADDR(LowAddress));
>> MmioWrite32((UINTN)(Region+1), HighAddress);
>> - MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) | ((Size & 0x3F) << 1) | (Enabled & 0x1));
>> + MmioWrite32((UINTN)(Region+2), RegionAttributes);
>>
>> return EFI_SUCCESS;
>> }
>> diff --git a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
>> index 78e98aad535f..827b5cd568c1 100644
>> --- a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
>> +++ b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
>> @@ -71,6 +71,22 @@ TZPCClearDecProtBits (
>> #define TZASC_REGION_SECURITY_NSW 1
>> #define TZASC_REGION_SECURITY_NSRW (TZASC_REGION_SECURITY_NSR|TZASC_REGION_SECURITY_NSW)
>>
>> +/* Some useful masks */
>> +#define TZASC_REGION_SETUP_LO_ADDR_MASK 0xFFFF8000
>> +
>> +#define TZASC_REGION_ATTR_SECURITY_MASK 0xF
>> +#define TZASC_REGION_ATTR_SUBREG_DIS_MASK 0xFF
>> +#define TZASC_REGION_ATTR_SIZE_MASK 0x3F
>> +#define TZASC_REGION_ATTR_EN_MASK 0x1
>> +
>> +#define TZASC_REGION_SETUP_LO_ADDR(x) ((x) & TZASC_REGION_SETUP_LO_ADDR_MASK)
>> +
>> +#define TZASC_REGION_ATTR_SECURITY(x) (((x) & TZASC_REGION_ATTR_SECURITY_MASK) << 28)
>> +#define TZASC_REGION_ATTR_SUBREG_DISABLE(x) \
>> + (((x) & TZASC_REGION_ATTR_SUBREG_DIS_MASK) << 8)
>> +#define TZASC_REGION_ATTR_SIZE(x) (((x) & TZASC_REGION_ATTR_SIZE_MASK) << 1)
>> +#define TZASC_REGION_ATTR_ENABLE(x) ((x) & TZASC_REGION_ATTR_EN_MASK)
>> +
>> /**
>> FIXME: Need documentation
>> **/
>> @@ -82,7 +98,8 @@ TZASCSetRegion (
>> IN UINTN LowAddress,
>> IN UINTN HighAddress,
>> IN UINTN Size,
>> - IN UINTN Security
>> + IN UINTN Security,
>> + IN UINTN SubregionDisableMask
>> );
>>
>> #endif
>> --
>> 2.7.4
>>
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled
2017-01-26 14:36 ` Leif Lindholm
2017-01-29 15:55 ` Bhupesh SHARMA
@ 2017-01-31 9:48 ` Ryan Harkin
2017-01-31 11:44 ` Leif Lindholm
1 sibling, 1 reply; 6+ messages in thread
From: Ryan Harkin @ 2017-01-31 9:48 UTC (permalink / raw)
To: Leif Lindholm; +Cc: Bhupesh Sharma, edk2-devel@lists.01.org, Ard Biesheuvel
On 26 January 2017 at 14:36, Leif Lindholm <leif.lindholm@linaro.org> wrote:
> On Fri, Jan 20, 2017 at 05:10:45PM +0530, Bhupesh Sharma wrote:
>> ARM TZASC-380 IP provides a mechanism to split memory regions being
>> protected via it into eight equal-sized sub-regions. A bit-setting
>> allows the corresponding subregion to be disabled.
>>
>> Several NXP/FSL SoCs support the TZASC-380 IP block and allow
>> the DDR connected via the TZASC to be partitioned into regions
>> having different security settings and also allow subregions
>> to be disabled.
>>
>> This patch enables this support and can be used for SoCs which
>> support such a partition of DDR regions.
>>
>> Details of the 'subregion_disable' register can be viewed here:
>> http://infocenter.arm.com/help/topic/com.arm.doc.ddi0431c/CHDIGDCI.html
>>
>> Cc: Leif Lindholm <leif.lindholm@linaro.org>
>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
>> [bhupesh.linux@gmail.com : Added my gmail ID as the NXP one is no longer valid]
>> Signed-off-by: Bhupesh Sharma <bhupesh.linux@gmail.com>
>
> Thanks for the cleanup.
> I may actually delete that CTA9x4 lib once your platform gets in...
>
Probably a good idea. I suspect it's not used or tested any more,
unless QEMU is using it?
> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
>
> Pushed as 465663e.
>
>> ---
>> Changes from v2:
>> - Added more descriptive arrays as suggested by Leif
>>
>> .../Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c | 14 +++++++-------
>> ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c | 13 ++++++++++---
>> ArmPlatformPkg/Include/Drivers/ArmTrustzone.h | 19 ++++++++++++++++++-
>> 3 files changed, 35 insertions(+), 11 deletions(-)
>>
>> diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
>> index 6fa0774f59f8..42d731ea98c9 100644
>> --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
>> +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
>> @@ -72,18 +72,18 @@ ArmPlatformSecTrustzoneInit (
>> // NOR Flash 0 non secure (BootMon)
>> TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_NOR0_BASE,0,
>> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>>
>> // NOR Flash 1. The first half of the NOR Flash1 must be secure for the secure firmware (sec_uefi.bin)
>> if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {
>> //Note: Your OS Kernel must be aware of the secure regions before to enable this region
>> TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
>> - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
>> } else {
>> TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_NOR1_BASE,0,
>> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>> }
>>
>> // Base of SRAM. Only half of SRAM in Non Secure world
>> @@ -92,22 +92,22 @@ ArmPlatformSecTrustzoneInit (
>> //Note: Your OS Kernel must be aware of the secure regions before to enable this region
>> TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_SRAM_BASE,0,
>> - TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW, 0);
>> } else {
>> TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_SRAM_BASE,0,
>> - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW, 0);
>> }
>>
>> // Memory Mapped Peripherals. All in non secure world
>> TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_PERIPH_BASE,0,
>> - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW, 0);
>>
>> // MotherBoard Peripherals and On-chip peripherals.
>> TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
>> ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
>> - TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
>> + TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW, 0);
>> }
>>
>> /**
>> diff --git a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
>> index 070c0dcb5d4d..1f002198e552 100644
>> --- a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
>> +++ b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
>> @@ -87,20 +87,27 @@ TZASCSetRegion (
>> IN UINTN LowAddress,
>> IN UINTN HighAddress,
>> IN UINTN Size,
>> - IN UINTN Security
>> + IN UINTN Security,
>> + IN UINTN SubregionDisableMask
>> )
>> {
>> UINT32* Region;
>> + UINT32 RegionAttributes;
>>
>> if (RegionId > TZASCGetNumRegions(TzascBase)) {
>> return EFI_INVALID_PARAMETER;
>> }
>>
>> + RegionAttributes = TZASC_REGION_ATTR_SECURITY(Security) |
>> + TZASC_REGION_ATTR_SUBREG_DISABLE(SubregionDisableMask) |
>> + TZASC_REGION_ATTR_SIZE(Size) |
>> + TZASC_REGION_ATTR_ENABLE(Enabled);
>> +
>> Region = (UINT32*)((UINTN)TzascBase + TZASC_REGIONS_REG + (RegionId * 0x10));
>>
>> - MmioWrite32((UINTN)(Region), LowAddress&0xFFFF8000);
>> + MmioWrite32((UINTN)(Region), TZASC_REGION_SETUP_LO_ADDR(LowAddress));
>> MmioWrite32((UINTN)(Region+1), HighAddress);
>> - MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) | ((Size & 0x3F) << 1) | (Enabled & 0x1));
>> + MmioWrite32((UINTN)(Region+2), RegionAttributes);
>>
>> return EFI_SUCCESS;
>> }
>> diff --git a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
>> index 78e98aad535f..827b5cd568c1 100644
>> --- a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
>> +++ b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
>> @@ -71,6 +71,22 @@ TZPCClearDecProtBits (
>> #define TZASC_REGION_SECURITY_NSW 1
>> #define TZASC_REGION_SECURITY_NSRW (TZASC_REGION_SECURITY_NSR|TZASC_REGION_SECURITY_NSW)
>>
>> +/* Some useful masks */
>> +#define TZASC_REGION_SETUP_LO_ADDR_MASK 0xFFFF8000
>> +
>> +#define TZASC_REGION_ATTR_SECURITY_MASK 0xF
>> +#define TZASC_REGION_ATTR_SUBREG_DIS_MASK 0xFF
>> +#define TZASC_REGION_ATTR_SIZE_MASK 0x3F
>> +#define TZASC_REGION_ATTR_EN_MASK 0x1
>> +
>> +#define TZASC_REGION_SETUP_LO_ADDR(x) ((x) & TZASC_REGION_SETUP_LO_ADDR_MASK)
>> +
>> +#define TZASC_REGION_ATTR_SECURITY(x) (((x) & TZASC_REGION_ATTR_SECURITY_MASK) << 28)
>> +#define TZASC_REGION_ATTR_SUBREG_DISABLE(x) \
>> + (((x) & TZASC_REGION_ATTR_SUBREG_DIS_MASK) << 8)
>> +#define TZASC_REGION_ATTR_SIZE(x) (((x) & TZASC_REGION_ATTR_SIZE_MASK) << 1)
>> +#define TZASC_REGION_ATTR_ENABLE(x) ((x) & TZASC_REGION_ATTR_EN_MASK)
>> +
>> /**
>> FIXME: Need documentation
>> **/
>> @@ -82,7 +98,8 @@ TZASCSetRegion (
>> IN UINTN LowAddress,
>> IN UINTN HighAddress,
>> IN UINTN Size,
>> - IN UINTN Security
>> + IN UINTN Security,
>> + IN UINTN SubregionDisableMask
>> );
>>
>> #endif
>> --
>> 2.7.4
>>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled
2017-01-31 9:48 ` Ryan Harkin
@ 2017-01-31 11:44 ` Leif Lindholm
2017-01-31 12:34 ` Ryan Harkin
0 siblings, 1 reply; 6+ messages in thread
From: Leif Lindholm @ 2017-01-31 11:44 UTC (permalink / raw)
To: Ryan Harkin; +Cc: Bhupesh Sharma, edk2-devel@lists.01.org, Ard Biesheuvel
On Tue, Jan 31, 2017 at 09:48:11AM +0000, Ryan Harkin wrote:
> On 26 January 2017 at 14:36, Leif Lindholm <leif.lindholm@linaro.org> wrote:
> > On Fri, Jan 20, 2017 at 05:10:45PM +0530, Bhupesh Sharma wrote:
> >> ARM TZASC-380 IP provides a mechanism to split memory regions being
> >> protected via it into eight equal-sized sub-regions. A bit-setting
> >> allows the corresponding subregion to be disabled.
> >>
> >> Several NXP/FSL SoCs support the TZASC-380 IP block and allow
> >> the DDR connected via the TZASC to be partitioned into regions
> >> having different security settings and also allow subregions
> >> to be disabled.
> >>
> >> This patch enables this support and can be used for SoCs which
> >> support such a partition of DDR regions.
> >>
> >> Details of the 'subregion_disable' register can be viewed here:
> >> http://infocenter.arm.com/help/topic/com.arm.doc.ddi0431c/CHDIGDCI.html
> >>
> >> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> >> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >> Contributed-under: TianoCore Contribution Agreement 1.0
> >> Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
> >> [bhupesh.linux@gmail.com : Added my gmail ID as the NXP one is no longer valid]
> >> Signed-off-by: Bhupesh Sharma <bhupesh.linux@gmail.com>
> >
> > Thanks for the cleanup.
> > I may actually delete that CTA9x4 lib once your platform gets in...
> >
> Probably a good idea. I suspect it's not used or tested any more,
> unless QEMU is using it?
It's unused. And if we do ever resurrect the CTA9 port, it'll be using
ARM Trusted Firmware, so this code will still be irrelevant.
/
Leif
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled
2017-01-31 11:44 ` Leif Lindholm
@ 2017-01-31 12:34 ` Ryan Harkin
0 siblings, 0 replies; 6+ messages in thread
From: Ryan Harkin @ 2017-01-31 12:34 UTC (permalink / raw)
To: Leif Lindholm; +Cc: Bhupesh Sharma, edk2-devel@lists.01.org, Ard Biesheuvel
On 31 January 2017 at 11:44, Leif Lindholm <leif.lindholm@linaro.org> wrote:
> On Tue, Jan 31, 2017 at 09:48:11AM +0000, Ryan Harkin wrote:
>> On 26 January 2017 at 14:36, Leif Lindholm <leif.lindholm@linaro.org> wrote:
>> > On Fri, Jan 20, 2017 at 05:10:45PM +0530, Bhupesh Sharma wrote:
>> >> ARM TZASC-380 IP provides a mechanism to split memory regions being
>> >> protected via it into eight equal-sized sub-regions. A bit-setting
>> >> allows the corresponding subregion to be disabled.
>> >>
>> >> Several NXP/FSL SoCs support the TZASC-380 IP block and allow
>> >> the DDR connected via the TZASC to be partitioned into regions
>> >> having different security settings and also allow subregions
>> >> to be disabled.
>> >>
>> >> This patch enables this support and can be used for SoCs which
>> >> support such a partition of DDR regions.
>> >>
>> >> Details of the 'subregion_disable' register can be viewed here:
>> >> http://infocenter.arm.com/help/topic/com.arm.doc.ddi0431c/CHDIGDCI.html
>> >>
>> >> Cc: Leif Lindholm <leif.lindholm@linaro.org>
>> >> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> >> Contributed-under: TianoCore Contribution Agreement 1.0
>> >> Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
>> >> [bhupesh.linux@gmail.com : Added my gmail ID as the NXP one is no longer valid]
>> >> Signed-off-by: Bhupesh Sharma <bhupesh.linux@gmail.com>
>> >
>> > Thanks for the cleanup.
>> > I may actually delete that CTA9x4 lib once your platform gets in...
>> >
>> Probably a good idea. I suspect it's not used or tested any more,
>> unless QEMU is using it?
>
> It's unused.
Good. Maybe it's u-boot that uses CTA9 for qemu testing...
> And if we do ever resurrect the CTA9 port, it'll be using
> ARM Trusted Firmware,
Gulp!
> so this code will still be irrelevant.
>
Exterminate!
> /
> Leif
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-01-31 12:34 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-20 11:40 [PATCH V3 1/1] ArmPlatformPkg/TZASC: Allow specifying subregions to be disabled Bhupesh Sharma
2017-01-26 14:36 ` Leif Lindholm
2017-01-29 15:55 ` Bhupesh SHARMA
2017-01-31 9:48 ` Ryan Harkin
2017-01-31 11:44 ` Leif Lindholm
2017-01-31 12:34 ` Ryan Harkin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox