From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:400c:c09::231; helo=mail-wm0-x231.google.com; envelope-from=leif.lindholm@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com [IPv6:2a00:1450:400c:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id F229C21F7D4E5 for ; Wed, 11 Oct 2017 10:07:50 -0700 (PDT) Received: by mail-wm0-x231.google.com with SMTP id b189so6555311wmd.4 for ; Wed, 11 Oct 2017 10:11:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=dlpycq3q/SrT28roo2k+QyTgIechKsuxlgcXrxpU/Hw=; b=B3PtHjLFFtvQTnivjC1UZmDiqEW/KRX4MXBbnrtpggLxEo20UCArWKecKetajr4lrB ZNDVb7MTnNnRBjXTc0rC1qpDeI9WQIF+azZoc2zS40XYSBHLpsIQeLDDhr91kgQS00Ao vleYwt0TIVb16GogqVCWunL0hJdkJZG+7Meis= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=dlpycq3q/SrT28roo2k+QyTgIechKsuxlgcXrxpU/Hw=; b=rqB40TP5HkRU9I4jObNCbK8rqydHXBmTxi8j2LS77lDNA7+noz9+jTgT7mvVXqEoLg 67rwo+o3QZEVgLbPnFdcVp0kv11AzQdKHpN/2fI8u+6bXoc5uuRgm9BEThZX6uTs35O3 DTqxEcYxiECdVYfyBuIpT0bajUwOxwp5BTTfr+UxKkm5eIxvWfEFAXPM/vlbciANNVTz wLXyaMZVZdhBAFcjHYc/+r0muA2NkigEA0BZdeg7n2V9xM9xggjKwaMsiVvqwS+9rO7J 901Q+nEBJjWVw7r+2Cvys18flDugt2H4xD9KZOGZPFmLWlh+phB5ec+MW3+ukLAHn2B1 lcIQ== X-Gm-Message-State: AMCzsaWhnMDLHaUdJZt1oR4DOnw91Lmx6m/hLPgJtD+OtdfyMQGyem6U PBhf0VMsX+6WtMefzp+4Pk2wXQ== X-Google-Smtp-Source: AOwi7QDG6Pa6BkoKnXWaQcSnJrlytQR2oZkEXdUpvMDs7+zNw9Gt2bA4u3nExB+WczBJyeo69hezdw== X-Received: by 10.223.157.137 with SMTP id p9mr249784wre.98.1507741879041; Wed, 11 Oct 2017 10:11:19 -0700 (PDT) Received: from bivouac.eciton.net (bivouac.eciton.net. [2a00:1098:0:86:1000:23:0:2]) by smtp.gmail.com with ESMTPSA id l96sm6365414wrc.21.2017.10.11.10.11.17 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 11 Oct 2017 10:11:17 -0700 (PDT) Date: Wed, 11 Oct 2017 18:11:16 +0100 From: Leif Lindholm To: Marcin Wojtas Cc: edk2-devel@lists.01.org, ard.biesheuvel@linaro.org, nadavh@marvell.com, neta@marvell.com, kostap@marvell.com, jinghua@marvell.com, jsd@semihalf.com Message-ID: <20171011171116.3fauddi5lrlfibzy@bivouac.eciton.net> References: <1507736449-6073-1-git-send-email-mw@semihalf.com> <1507736449-6073-6-git-send-email-mw@semihalf.com> MIME-Version: 1.0 In-Reply-To: <1507736449-6073-6-git-send-email-mw@semihalf.com> User-Agent: NeoMutt/20170113 (1.7.2) Subject: Re: [platforms: PATCH 5/8] Marvell/Armada: Add MemoryInitPeiLib that reserves secure region X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Oct 2017 17:07:51 -0000 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Oct 11, 2017 at 05:40:46PM +0200, Marcin Wojtas wrote: > From: Ard Biesheuvel > > The default MemoryInitPeiLib implementation insists on reserving the > region occupied by our own FV, while this is not necessary at all (the > compressed payload is uncompressed elsewhere, so the moment we enter > DXE core, we don't care about the FV contents in memory) > > So clone MemoryInitPeiLib and modify it to suit our needs. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ard Biesheuvel > Signed-off-by: Marcin Wojtas Reviewed-by: Leif Lindholm > --- > Platform/Marvell/Armada/Armada.dsc.inc | 6 +- > Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.c | 158 ++++++++++++++++++++ > Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.inf | 46 ++++++ > Platform/Marvell/Marvell.dec | 8 + > 4 files changed, 217 insertions(+), 1 deletion(-) > > diff --git a/Platform/Marvell/Armada/Armada.dsc.inc b/Platform/Marvell/Armada/Armada.dsc.inc > index 56d8941..b0a8240 100644 > --- a/Platform/Marvell/Armada/Armada.dsc.inc > +++ b/Platform/Marvell/Armada/Armada.dsc.inc > @@ -153,7 +153,7 @@ > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > > [LibraryClasses.common.SEC, LibraryClasses.common.PEIM] > - MemoryInitPeiLib|ArmPlatformPkg/MemoryInitPei/MemoryInitPeiLib.inf > + MemoryInitPeiLib|Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.inf > BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf > > [LibraryClasses.common.DXE_CORE] > @@ -364,6 +364,10 @@ > gArmTokenSpaceGuid.PcdSystemMemorySize|0x40000000 > gArmTokenSpaceGuid.PcdArmScr|0x531 > > + # Secure region reservation > + gMarvellTokenSpaceGuid.PcdSecureRegionBase|0x4000000 > + gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x0200000 > + > # TRNG > gMarvellTokenSpaceGuid.PcdEip76TrngBaseAddress|0xF2760000 > > diff --git a/Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.c b/Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.c > new file mode 100644 > index 0000000..53119f4 > --- /dev/null > +++ b/Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.c > @@ -0,0 +1,158 @@ > +/** @file > +* > +* Copyright (c) 2011-2015, ARM Limited. All rights reserved. > +* Copyright (c) 2017, ARM Limited. All rights reserved. > +* > +* This program and the accompanying materials > +* are licensed and made available under the terms and conditions of the BSD License > +* which accompanies this distribution. The full text of the license may be found at > +* http://opensource.org/licenses/bsd-license.php > +* > +* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > +* > +**/ > + > +#include > + > +#include > +#include > +#include > +#include > +#include > + > +VOID > +BuildMemoryTypeInformationHob ( > + VOID > + ); > + > +STATIC > +VOID > +InitMmu ( > + IN ARM_MEMORY_REGION_DESCRIPTOR *MemoryTable > + ) > +{ > + > + VOID *TranslationTableBase; > + UINTN TranslationTableSize; > + RETURN_STATUS Status; > + > + Status = ArmConfigureMmu (MemoryTable, > + &TranslationTableBase, > + &TranslationTableSize); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "Error: Failed to enable MMU\n")); > + } > +} > + > +/*++ > + > +Routine Description: > + > + > + > +Arguments: > + > + FileHandle - Handle of the file being invoked. > + PeiServices - Describes the list of possible PEI Services. > + > +Returns: > + > + Status - EFI_SUCCESS if the boot mode could be set > + > +--*/ > +EFI_STATUS > +EFIAPI > +MemoryPeim ( > + IN EFI_PHYSICAL_ADDRESS UefiMemoryBase, > + IN UINT64 UefiMemorySize > + ) > +{ > + ARM_MEMORY_REGION_DESCRIPTOR *MemoryTable; > + EFI_RESOURCE_ATTRIBUTE_TYPE ResourceAttributes; > + UINT64 ResourceLength; > + EFI_PEI_HOB_POINTERS NextHob; > + EFI_PHYSICAL_ADDRESS SecureTop; > + EFI_PHYSICAL_ADDRESS ResourceTop; > + > + // Get Virtual Memory Map from the Platform Library > + ArmPlatformGetVirtualMemoryMap (&MemoryTable); > + > + SecureTop = (EFI_PHYSICAL_ADDRESS)FixedPcdGet64 (PcdSecureRegionBase) + > + FixedPcdGet32 (PcdSecureRegionSize); > + > + // > + // Search for System Memory Hob that covers the secure firmware, > + // and punch a hole in it > + // > + for (NextHob.Raw = GetHobList (); > + NextHob.Raw != NULL; > + NextHob.Raw = GetNextHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, > + NextHob.Raw)) { > + > + if ((NextHob.ResourceDescriptor->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) && > + (FixedPcdGet64 (PcdSecureRegionBase) >= NextHob.ResourceDescriptor->PhysicalStart) && > + (SecureTop <= NextHob.ResourceDescriptor->PhysicalStart + > + NextHob.ResourceDescriptor->ResourceLength)) > + { > + ResourceAttributes = NextHob.ResourceDescriptor->ResourceAttribute; > + ResourceLength = NextHob.ResourceDescriptor->ResourceLength; > + ResourceTop = NextHob.ResourceDescriptor->PhysicalStart + ResourceLength; > + > + if (FixedPcdGet64 (PcdSecureRegionBase) == NextHob.ResourceDescriptor->PhysicalStart) { > + // > + // This region starts right at the start of the reserved region, so we > + // can simply move its start pointer and reduce its length by the same > + // value > + // > + NextHob.ResourceDescriptor->PhysicalStart += FixedPcdGet32 (PcdSecureRegionSize); > + NextHob.ResourceDescriptor->ResourceLength -= FixedPcdGet32 (PcdSecureRegionSize); > + > + } else if ((NextHob.ResourceDescriptor->PhysicalStart + > + NextHob.ResourceDescriptor->ResourceLength) == SecureTop) { > + > + // > + // This region ends right at the end of the reserved region, so we > + // can simply reduce its length by the size of the region. > + // > + NextHob.ResourceDescriptor->ResourceLength -= FixedPcdGet32 (PcdSecureRegionSize); > + > + } else { > + // > + // This region covers the reserved region. So split it into two regions, > + // each one touching the reserved region at either end, but not covering > + // it. > + // > + NextHob.ResourceDescriptor->ResourceLength = FixedPcdGet64 (PcdSecureRegionBase) - > + NextHob.ResourceDescriptor->PhysicalStart; > + > + // Create the System Memory HOB for the remaining region (top of the FD) > + BuildResourceDescriptorHob (EFI_RESOURCE_SYSTEM_MEMORY, > + ResourceAttributes, > + SecureTop, > + ResourceTop - SecureTop); > + } > + > + // > + // Reserve the memory space occupied by the secure firmware > + // > + BuildResourceDescriptorHob (EFI_RESOURCE_MEMORY_RESERVED, > + 0, > + FixedPcdGet64 (PcdSecureRegionBase), > + FixedPcdGet32 (PcdSecureRegionSize)); > + > + break; > + } > + NextHob.Raw = GET_NEXT_HOB (NextHob); > + } > + > + // Build Memory Allocation Hob > + InitMmu (MemoryTable); > + > + if (FeaturePcdGet (PcdPrePiProduceMemoryTypeInformationHob)) { > + // Optional feature that helps prevent EFI memory map fragmentation. > + BuildMemoryTypeInformationHob (); > + } > + > + return EFI_SUCCESS; > +} > diff --git a/Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.inf b/Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.inf > new file mode 100644 > index 0000000..ebaed01 > --- /dev/null > +++ b/Platform/Marvell/Armada/Library/Armada70x0MemoryInitPeiLib/Armada70x0MemoryInitPeiLib.inf > @@ -0,0 +1,46 @@ > +#/** @file > +# > +# Copyright (c) 2011-2014, ARM Ltd. All rights reserved.
> +# Copyright (c) 2017, Linaro Ltd. All rights reserved.
> +# > +# This program and the accompanying materials > +# are licensed and made available under the terms and conditions of the BSD License > +# which accompanies this distribution. The full text of the license may be found at > +# http://opensource.org/licenses/bsd-license.php > +# > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > +# > +#**/ > + > +[Defines] > + INF_VERSION = 0x00010019 > + BASE_NAME = Armada70x0MemoryInitPeiLib > + FILE_GUID = abc4e8a7-89a7-4aea-92bc-0e9421c4a473 > + MODULE_TYPE = BASE > + VERSION_STRING = 1.0 > + LIBRARY_CLASS = MemoryInitPeiLib|SEC PEIM > + > +[Sources] > + Armada70x0MemoryInitPeiLib.c > + > +[Packages] > + ArmPkg/ArmPkg.dec > + ArmPlatformPkg/ArmPlatformPkg.dec > + EmbeddedPkg/EmbeddedPkg.dec > + MdeModulePkg/MdeModulePkg.dec > + MdePkg/MdePkg.dec > + Platform/Marvell/Marvell.dec > + > +[LibraryClasses] > + ArmPlatformLib > + DebugLib > + HobLib > + ArmMmuLib > + > +[FeaturePcd] > + gEmbeddedTokenSpaceGuid.PcdPrePiProduceMemoryTypeInformationHob > + > +[FixedPcd] > + gMarvellTokenSpaceGuid.PcdSecureRegionBase > + gMarvellTokenSpaceGuid.PcdSecureRegionSize > diff --git a/Platform/Marvell/Marvell.dec b/Platform/Marvell/Marvell.dec > index db1c7fa..63ea071 100644 > --- a/Platform/Marvell/Marvell.dec > +++ b/Platform/Marvell/Marvell.dec > @@ -207,6 +207,14 @@ > gMarvellTokenSpaceGuid.PcdDramRemapSize|0x40000000|UINT32|0x50000004 > gMarvellTokenSpaceGuid.PcdDramRemapTarget|0xC0000000|UINT32|0x50000003 > > + # > + # The secure firmware may occupy a DRAM region that is accessible by the > + # normal world. These PCDs describe such a region, which will be converted > + # to 'reserved' memory before DXE is entered. > + # > + gMarvellTokenSpaceGuid.PcdSecureRegionBase|0x0|UINT64|0x50000000 > + gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x0|UINT32|0x50000001 > + > [Protocols] > gMarvellEepromProtocolGuid = { 0x71954bda, 0x60d3, 0x4ef8, { 0x8e, 0x3c, 0x0e, 0x33, 0x9f, 0x3b, 0xc2, 0x2b }} > gMarvellMdioProtocolGuid = { 0x40010b03, 0x5f08, 0x496a, { 0xa2, 0x64, 0x10, 0x5e, 0x72, 0xd3, 0x71, 0xaa }} > -- > 2.7.4 >