From: Leif Lindholm <leif.lindholm@linaro.org>
To: Bhupesh Sharma <bhupesh.sharma@nxp.com>
Cc: "edk2-devel@ml01.01.org" <edk2-devel@ml01.01.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
"linaro-uefi@lists.linaro.org" <linaro-uefi@lists.linaro.org>,
evan.lloyd@arm.com, ryan.harkin@linaro.org
Subject: Re: [RESEND PATCH 1/1] ArmPlatformPkg/ArmTrustZone: Add support for specifying Subregions to be disabled
Date: Mon, 17 Oct 2016 14:25:25 +0100 [thread overview]
Message-ID: <20161017132525.GW3471@bivouac.eciton.net> (raw)
In-Reply-To: <AM4PR0401MB22893074F7071A9463F2005C88D00@AM4PR0401MB2289.eurprd04.prod.outlook.com>
On Mon, Oct 17, 2016 at 10:18:01AM +0000, Bhupesh Sharma wrote:
> Hi Ard, Leif,
>
> Any comments on this patch ?
You didn't cc me before :)
But more importantly, I don't really have any platform to test this
on, so I could use a Tested-by: from someone who does. Evan, do you?
> > From: Bhupesh Sharma [mailto:bhupesh.sharma@nxp.com]
> > Sent: Friday, October 14, 2016 4:40 PM
> >
> > ARM TZASC-380 IP provides a mechanism to split memory regions being
> > protected via it into eight equal-sized sub-regions, with a bit setting
> > allowing the corresponding subregion to be disabled.
> >
> > Several NXP/FSL SoCs support the TZASC-380 IP block and allow the DDR
> > connected via the TZASC to be partitioned into regions having different
> > security settings.
> >
> > This patch enables this support and can be used for SoCs which support
> > such partition of DDR regions.
> >
> > Details of the 'subregion_disable'
This is not actually what the register is called in the link you're
providing.
> > register can be viewed here:
> > http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0431c/CJ
> > ABCFHB.html
> >
> > Contributed-under: TianoCore Contribution Agreement 1.0
> > Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > ---
> > .../Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c | 21
> > ++++++++++++++-------
> > ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c | 5 +++--
> > ArmPlatformPkg/Include/Drivers/ArmTrustzone.h | 3 ++-
> > 3 files changed, 19 insertions(+), 10 deletions(-)
> >
> > diff --git
> > a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4S
> > ec.c
> > b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4S
> > ec.c
> > index 6fa0774..d358d65 100644
> > ---
> > a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4S
> > ec.c
> > +++
> > b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9
> > +++ x4Sec.c
> > @@ -72,18 +72,21 @@ ArmPlatformSecTrustzoneInit (
> > // NOR Flash 0 non secure (BootMon)
> > TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_NOR0_BASE,0,
> > - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
> >
> > // NOR Flash 1. The first half of the NOR Flash1 must be secure for
> > the secure firmware (sec_uefi.bin)
> > if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {
> > //Note: Your OS Kernel must be aware of the secure regions before
> > to enable this region
> > TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
> > - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
TAB used (convert to spaces).
> > } else {
> > TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_NOR1_BASE,0,
> > - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
TAB used (convert to spaces).
> > }
> >
> > // Base of SRAM. Only half of SRAM in Non Secure world @@ -92,22
> > +95,26 @@ ArmPlatformSecTrustzoneInit (
> > //Note: Your OS Kernel must be aware of the secure regions before
> > to enable this region
> > TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_SRAM_BASE,0,
> > - TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
TAB used (convert to spaces).
> > } else {
> > TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_SRAM_BASE,0,
> > - TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
TAB used (convert to spaces).
(These are all found by BaseTools/Scripts/PatchCheck.py, which also
points out that the subject line is too long.)
> > }
> >
> > // Memory Mapped Peripherals. All in non secure world
> > TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_PERIPH_BASE,0,
> > - TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
> >
> > // MotherBoard Peripherals and On-chip peripherals.
> > TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
> > ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
> > - TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
> > + TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW,
> > + 0);
> > }
> >
> > /**
> > diff --git a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> > b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> > index 070c0dc..5cd41ef 100644
> > --- a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> > +++ b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> > @@ -87,7 +87,8 @@ TZASCSetRegion (
> > IN UINTN LowAddress,
> > IN UINTN HighAddress,
> > IN UINTN Size,
> > - IN UINTN Security
> > + IN UINTN Security,
> > + IN UINTN SubregionDisableMask
> > )
> > {
> > UINT32* Region;
> > @@ -100,7 +101,7 @@ TZASCSetRegion (
> >
> > MmioWrite32((UINTN)(Region), LowAddress&0xFFFF8000);
> > MmioWrite32((UINTN)(Region+1), HighAddress);
> > - MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) | ((Size &
> > 0x3F) << 1) | (Enabled & 0x1));
> > + MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) |
> > + ((SubregionDisableMask & 0xFF) << 8) | ((Size & 0x3F) << 1) |
> > (Enabled
> > + & 0x1));
I think these additions tip the code over to where a temporary
variable should be used for the register value.
> >
> > return EFI_SUCCESS;
> > }
> > diff --git a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> > b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> > index 78e98aa..1ba963d 100644
> > --- a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> > +++ b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> > @@ -82,7 +82,8 @@ TZASCSetRegion (
> > IN UINTN LowAddress,
> > IN UINTN HighAddress,
> > IN UINTN Size,
> > - IN UINTN Security
> > + IN UINTN Security,
> > + IN UINTN SubregionDisableMask
> > );
This modifies a prototype of a function implemented in:
ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c
ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c
ArmPlatformPkg/Library/ArmPlatformSecLibNull/ArmPlatformLibNullSec.c
But only modifies the implementation in one of them.
Arguably, the RTSM one could simply be deleted (probably), but if
we're keeping this library, then the LibNullSec should at least be
kept up to date.
Ard: comments on deleting the RTSM one?
Regards,
Leif
> >
> > #endif
> > --
> > 1.9.1
> >
>
> Regards,
> Bhupesh
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
next prev parent reply other threads:[~2016-10-17 13:25 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-14 11:09 [RESEND PATCH 1/1] ArmPlatformPkg/ArmTrustZone: Add support for specifying Subregions to be disabled Bhupesh Sharma
2016-10-17 10:18 ` Bhupesh Sharma
2016-10-17 13:25 ` Leif Lindholm [this message]
2016-10-17 14:15 ` Ard Biesheuvel
2016-10-27 5:23 ` Bhupesh Sharma
2016-10-27 5:21 ` Bhupesh Sharma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161017132525.GW3471@bivouac.eciton.net \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox