public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: Bhupesh Sharma <bhupesh.sharma@nxp.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Leif Lindholm <leif.lindholm@linaro.org>,
	Bhupesh Sharma <bhupesh.sharma@nxp.com>
Cc: "edk2-devel@ml01.01.org" <edk2-devel@ml01.01.org>,
	"linaro-uefi@lists.linaro.org" <linaro-uefi@lists.linaro.org>,
	Evan Lloyd <evan.lloyd@arm.com>,
	Ryan Harkin <ryan.harkin@linaro.org>
Subject: Re: [RESEND PATCH 1/1] ArmPlatformPkg/ArmTrustZone: Add support for specifying Subregions to be disabled
Date: Thu, 27 Oct 2016 05:23:17 +0000	[thread overview]
Message-ID: <AM4PR0401MB22893A5FFA18C7EF77CF8BA488AA0@AM4PR0401MB2289.eurprd04.prod.outlook.com> (raw)
In-Reply-To: <CAKv+Gu82wFjgN8N_n+OU+RK6sr0ixBtwipniOx80NfstOX0+tw@mail.gmail.com>

Hi Ard,

> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Monday, October 17, 2016 7:46 PM
> 
> On 17 October 2016 at 14:25, Leif Lindholm <leif.lindholm@linaro.org>
> wrote:
> > On Mon, Oct 17, 2016 at 10:18:01AM +0000, Bhupesh Sharma wrote:
> >> Hi Ard, Leif,
> >>
> >> Any comments on this patch ?
> >
> > You didn't cc me before :)
> >
> > But more importantly, I don't really have any platform to test this
> > on, so I could use a Tested-by: from someone who does. Evan, do you?
> >
> >> > From: Bhupesh Sharma [mailto:bhupesh.sharma@nxp.com]
> >> > Sent: Friday, October 14, 2016 4:40 PM
> >> >
> >> > ARM TZASC-380 IP provides a mechanism to split memory regions
> being
> >> > protected via it into eight equal-sized sub-regions, with a bit
> >> > setting allowing the corresponding subregion to be disabled.
> >> >
> >> > Several NXP/FSL SoCs support the TZASC-380 IP block and allow the
> >> > DDR connected via the TZASC to be partitioned into regions having
> >> > different security settings.
> >> >
> >> > This patch enables this support and can be used for SoCs which
> >> > support such partition of DDR regions.
> >> >
> >> > Details of the 'subregion_disable'
> >
> > This is not actually what the register is called in the link you're
> > providing.
> >
> >> > register can be viewed here:
> >> >
> http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0431
> >> > c/CJ
> >> > ABCFHB.html
> >> >
> >> > Contributed-under: TianoCore Contribution Agreement 1.0
> >> > Signed-off-by: Bhupesh Sharma <bhupesh.sharma@nxp.com>
> >> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >> > ---
> >> >  .../Library/ArmVExpressSecLibCTA9x4/CTA9x4Sec.c     | 21
> >> > ++++++++++++++-------
> >> >  ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c  |  5 +++--
> >> >  ArmPlatformPkg/Include/Drivers/ArmTrustzone.h       |  3 ++-
> >> >  3 files changed, 19 insertions(+), 10 deletions(-)
> >> >
> >> > diff --git
> >> >
> a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA
> >> > 9x4S
> >> > ec.c
> >> >
> b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA
> >> > 9x4S
> >> > ec.c
> >> > index 6fa0774..d358d65 100644
> >> > ---
> >> >
> a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA
> >> > 9x4S
> >> > ec.c
> >> > +++
> >> >
> b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA
> >> > 9
> >> > +++ x4Sec.c
> >> > @@ -72,18 +72,21 @@ ArmPlatformSecTrustzoneInit (
> >> >    // NOR Flash 0 non secure (BootMon)
> >> >    TZASCSetRegion(ARM_VE_TZASC_BASE,1,TZASC_REGION_ENABLED,
> >> >        ARM_VE_SMB_NOR0_BASE,0,
> >> > -      TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> >> > +      TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW,
> >> > +      0);
> >> >
> >> >    // NOR Flash 1. The first half of the NOR Flash1 must be secure
> >> > for the secure firmware (sec_uefi.bin)
> >> >    if (PcdGetBool (PcdTrustzoneSupport) == TRUE) {
> >> >      //Note: Your OS Kernel must be aware of the secure regions
> >> > before to enable this region
> >> >      TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
> >> >          ARM_VE_SMB_NOR1_BASE + SIZE_32MB,0,
> >> > -        TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
> >> > +        TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW,
> >> > +   0);
> >
> > TAB used (convert to spaces).
> >
> >> >    } else {
> >> >      TZASCSetRegion(ARM_VE_TZASC_BASE,2,TZASC_REGION_ENABLED,
> >> >          ARM_VE_SMB_NOR1_BASE,0,
> >> > -        TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> >> > +        TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW,
> >> > +   0);
> >
> > TAB used (convert to spaces).
> >
> >> >    }
> >> >
> >> >    // Base of SRAM. Only half of SRAM in Non Secure world @@ -
> 92,22
> >> > +95,26 @@ ArmPlatformSecTrustzoneInit (
> >> >      //Note: Your OS Kernel must be aware of the secure regions
> >> > before to enable this region
> >> >      TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
> >> >          ARM_VE_SMB_SRAM_BASE,0,
> >> > -        TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW);
> >> > +        TZASC_REGION_SIZE_16MB, TZASC_REGION_SECURITY_NSRW,
> >> > +   0);
> >
> > TAB used (convert to spaces).
> >
> >> >    } else {
> >> >      TZASCSetRegion(ARM_VE_TZASC_BASE,3,TZASC_REGION_ENABLED,
> >> >          ARM_VE_SMB_SRAM_BASE,0,
> >> > -        TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW);
> >> > +        TZASC_REGION_SIZE_32MB, TZASC_REGION_SECURITY_NSRW,
> >> > +   0);
> >
> > TAB used (convert to spaces).
> >
> > (These are all found by BaseTools/Scripts/PatchCheck.py, which also
> > points out that the subject line is too long.)
> >
> >> >    }
> >> >
> >> >    // Memory Mapped Peripherals. All in non secure world
> >> >    TZASCSetRegion(ARM_VE_TZASC_BASE,4,TZASC_REGION_ENABLED,
> >> >        ARM_VE_SMB_PERIPH_BASE,0,
> >> > -      TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW);
> >> > +      TZASC_REGION_SIZE_64MB, TZASC_REGION_SECURITY_NSRW,
> >> > +      0);
> >> >
> >> >    // MotherBoard Peripherals and On-chip peripherals.
> >> >    TZASCSetRegion(ARM_VE_TZASC_BASE,5,TZASC_REGION_ENABLED,
> >> >        ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE,0,
> >> > -      TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW);
> >> > +      TZASC_REGION_SIZE_256MB, TZASC_REGION_SECURITY_NSRW,
> >> > +      0);
> >> >  }
> >> >
> >> >  /**
> >> > diff --git a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> >> > b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> >> > index 070c0dc..5cd41ef 100644
> >> > --- a/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> >> > +++ b/ArmPlatformPkg/Drivers/ArmTrustZone/ArmTrustZone.c
> >> > @@ -87,7 +87,8 @@ TZASCSetRegion (
> >> >    IN  UINTN LowAddress,
> >> >    IN  UINTN HighAddress,
> >> >    IN  UINTN Size,
> >> > -  IN  UINTN Security
> >> > +  IN  UINTN Security,
> >> > +  IN  UINTN SubregionDisableMask
> >> >    )
> >> >  {
> >> >    UINT32*     Region;
> >> > @@ -100,7 +101,7 @@ TZASCSetRegion (
> >> >
> >> >    MmioWrite32((UINTN)(Region), LowAddress&0xFFFF8000);
> >> >    MmioWrite32((UINTN)(Region+1), HighAddress);
> >> > -  MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) | ((Size
> >> > &
> >> > 0x3F) << 1) | (Enabled & 0x1));
> >> > +  MmioWrite32((UINTN)(Region+2), ((Security & 0xF) <<28) |
> >> > + ((SubregionDisableMask & 0xFF) << 8) | ((Size & 0x3F) << 1) |
> >> > (Enabled
> >> > + & 0x1));
> >
> > I think these additions tip the code over to where a temporary
> > variable should be used for the register value.
> >
> >> >
> >> >    return EFI_SUCCESS;
> >> >  }
> >> > diff --git a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> >> > b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> >> > index 78e98aa..1ba963d 100644
> >> > --- a/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> >> > +++ b/ArmPlatformPkg/Include/Drivers/ArmTrustzone.h
> >> > @@ -82,7 +82,8 @@ TZASCSetRegion (
> >> >    IN  UINTN LowAddress,
> >> >    IN  UINTN HighAddress,
> >> >    IN  UINTN Size,
> >> > -  IN  UINTN Security
> >> > +  IN  UINTN Security,
> >> > +  IN  UINTN SubregionDisableMask
> >> >    );
> >
> > This modifies a prototype of a function implemented in:
> >
> ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibCTA9x4/CTA9x4Se
> > c.c
> > ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c
> > ArmPlatformPkg/Library/ArmPlatformSecLibNull/ArmPlatformLibNullSec.c
> >
> > But only modifies the implementation in one of them.
> > Arguably, the RTSM one could simply be deleted (probably), but if
> > we're keeping this library, then the LibNullSec should at least be
> > kept up to date.
> >
> > Ard: comments on deleting the RTSM one?
> >
> 
> Nope.

Ok, so should I send these changes for RTSM model also or should I update the LibNullSec.
Please let me know.

Thanks,
Bhupesh

  reply	other threads:[~2016-10-27  5:23 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-14 11:09 [RESEND PATCH 1/1] ArmPlatformPkg/ArmTrustZone: Add support for specifying Subregions to be disabled Bhupesh Sharma
2016-10-17 10:18 ` Bhupesh Sharma
2016-10-17 13:25   ` Leif Lindholm
2016-10-17 14:15     ` Ard Biesheuvel
2016-10-27  5:23       ` Bhupesh Sharma [this message]
2016-10-27  5:21     ` Bhupesh Sharma

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=AM4PR0401MB22893A5FFA18C7EF77CF8BA488AA0@AM4PR0401MB2289.eurprd04.prod.outlook.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox