aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorManish Pandey <manish.pandey2@arm.com>2020-10-21 21:14:42 +0000
committerTrustedFirmware Code Review <review@review.trustedfirmware.org>2020-10-21 21:14:42 +0000
commitbc98a2eca9915db24d51c6550d744568cb0d8311 (patch)
treeb97f6241678883017e0f908a93386fd5258509ed
parentc4d919eeb95426a9d925c8b5fd1d8cc8430fc4ae (diff)
parent879b5b8bcaf8c03940e571628838c8476cb69dca (diff)
downloadtrusted-firmware-a-bc98a2eca9915db24d51c6550d744568cb0d8311.tar.gz
Merge changes from topic "tc0_sel2_spmc" into integration
* changes: plat: tc0: Configure TZC with secure world regions plat: tc0: Enable SPMC execution at S-EL2 plat: tc0: Add TZC DRAM1 region for SPMC and trusted OS plat: arm: Make BL32_BASE platform dependent when SPD_spmd is enabled plat: tc0: Disable SPE
-rw-r--r--fdts/tc0.dts2
-rw-r--r--include/plat/arm/common/arm_def.h6
-rw-r--r--plat/arm/board/fvp/include/platform_def.h9
-rw-r--r--plat/arm/board/tc0/fdts/tc0_fw_config.dts8
-rw-r--r--plat/arm/board/tc0/fdts/tc0_spmc_manifest.dts93
-rw-r--r--plat/arm/board/tc0/fdts/tc0_tb_fw_config.dts20
-rw-r--r--plat/arm/board/tc0/include/platform_def.h59
-rw-r--r--plat/arm/board/tc0/platform.mk10
-rw-r--r--plat/arm/board/tc0/tc0_plat.c5
-rw-r--r--plat/arm/board/tc0/tc0_security.c2
10 files changed, 206 insertions, 8 deletions
diff --git a/fdts/tc0.dts b/fdts/tc0.dts
index 15c14cabd2..763c813cf1 100644
--- a/fdts/tc0.dts
+++ b/fdts/tc0.dts
@@ -106,7 +106,7 @@
memory@80000000 {
device_type = "memory";
- reg = <0x0 0x80000000 0x0 0x80000000>;
+ reg = <0x0 0x80000000 0x0 0x7d000000>;
};
psci {
diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h
index c018643066..00746c6da0 100644
--- a/include/plat/arm/common/arm_def.h
+++ b/include/plat/arm/common/arm_def.h
@@ -497,9 +497,9 @@
# elif defined(SPD_spmd)
# define TSP_SEC_MEM_BASE (ARM_AP_TZC_DRAM1_BASE + ULL(0x200000))
# define TSP_SEC_MEM_SIZE (ARM_AP_TZC_DRAM1_SIZE - ULL(0x200000))
-# define BL32_BASE PLAT_ARM_TRUSTED_DRAM_BASE
-# define BL32_LIMIT (PLAT_ARM_TRUSTED_DRAM_BASE \
- + (UL(1) << 21))
+# define BL32_BASE PLAT_ARM_SPMC_BASE
+# define BL32_LIMIT (PLAT_ARM_SPMC_BASE + \
+ PLAT_ARM_SPMC_SIZE)
# elif ARM_BL31_IN_DRAM
# define TSP_SEC_MEM_BASE (ARM_AP_TZC_DRAM1_BASE + \
PLAT_ARM_MAX_BL31_SIZE)
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 50f638924f..8defcf837a 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -43,6 +43,15 @@
#define PLAT_ARM_TRUSTED_DRAM_BASE UL(0x06000000)
#define PLAT_ARM_TRUSTED_DRAM_SIZE UL(0x02000000) /* 32 MB */
+/*
+ * Max size of SPMC is 2MB for fvp. With SPMD enabled this value corresponds to
+ * max size of BL32 image.
+ */
+#if defined(SPD_spmd)
+#define PLAT_ARM_SPMC_BASE PLAT_ARM_TRUSTED_DRAM_BASE
+#define PLAT_ARM_SPMC_SIZE UL(0x200000) /* 2 MB */
+#endif
+
/* virtual address used by dynamic mem_protect for chunk_base */
#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
diff --git a/plat/arm/board/tc0/fdts/tc0_fw_config.dts b/plat/arm/board/tc0/fdts/tc0_fw_config.dts
index 381ce1fcb8..4b6abd4d19 100644
--- a/plat/arm/board/tc0/fdts/tc0_fw_config.dts
+++ b/plat/arm/board/tc0/fdts/tc0_fw_config.dts
@@ -14,10 +14,16 @@
tb_fw-config {
load-address = <0x0 0x4001300>;
- max-size = <0x200>;
+ max-size = <0x400>;
id = <TB_FW_CONFIG_ID>;
};
+ tos_fw-config {
+ load-address = <0x0 0x04001700>;
+ max-size = <0x1000>;
+ id = <TOS_FW_CONFIG_ID>;
+ };
+
hw-config {
load-address = <0x0 0x83000000>;
max-size = <0x01000000>;
diff --git a/plat/arm/board/tc0/fdts/tc0_spmc_manifest.dts b/plat/arm/board/tc0/fdts/tc0_spmc_manifest.dts
new file mode 100644
index 0000000000..b6c543ade2
--- /dev/null
+++ b/plat/arm/board/tc0/fdts/tc0_spmc_manifest.dts
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+/dts-v1/;
+
+/ {
+ compatible = "arm,ffa-core-manifest-1.0";
+ #address-cells = <2>;
+ #size-cells = <1>;
+
+ attribute {
+ spmc_id = <0x8000>;
+ maj_ver = <0x1>;
+ min_ver = <0x0>;
+ exec_state = <0x0>;
+ load_address = <0x0 0xfd000000>;
+ entrypoint = <0x0 0xfd000000>;
+ binary_size = <0x80000>;
+ };
+
+ chosen {
+ linux,initrd-start = <0>;
+ linux,initrd-end = <0>;
+ };
+
+ hypervisor {
+ compatible = "hafnium,hafnium";
+ vm1 {
+ is_ffa_partition;
+ debug_name = "cactus-primary";
+ load_address = <0xfe000000>;
+ };
+ vm2 {
+ is_ffa_partition;
+ debug_name = "cactus-secondary";
+ load_address = <0xfe100000>;
+ vcpu_count = <4>;
+ mem_size = <1048576>;
+ };
+ vm3 {
+ is_ffa_partition;
+ debug_name = "cactus-tertiary";
+ load_address = <0xfe200000>;
+ vcpu_count = <4>;
+ mem_size = <1048576>;
+ };
+ };
+
+ cpus {
+ #address-cells = <0x2>;
+ #size-cells = <0x0>;
+
+ CPU0:cpu@0 {
+ device_type = "cpu";
+ compatible = "arm,armv8";
+ reg = <0x0 0x0>;
+ enable-method = "psci";
+ };
+
+ /*
+ * SPM(Hafnium) requires secondary cpu nodes are declared in
+ * descending order
+ */
+ CPU3:cpu@300 {
+ device_type = "cpu";
+ compatible = "arm,armv8";
+ reg = <0x0 0x300>;
+ enable-method = "psci";
+ };
+
+ CPU2:cpu@200 {
+ device_type = "cpu";
+ compatible = "arm,armv8";
+ reg = <0x0 0x200>;
+ enable-method = "psci";
+ };
+
+ CPU1:cpu@100 {
+ device_type = "cpu";
+ compatible = "arm,armv8";
+ reg = <0x0 0x100>;
+ enable-method = "psci";
+ };
+ };
+
+ /* 32MB of TC0_TZC_DRAM1_BASE */
+ memory@fd000000 {
+ device_type = "memory";
+ reg = <0x0 0xfd000000 0x2000000>;
+ };
+};
diff --git a/plat/arm/board/tc0/fdts/tc0_tb_fw_config.dts b/plat/arm/board/tc0/fdts/tc0_tb_fw_config.dts
index 2fd25d9b42..3df94bf92b 100644
--- a/plat/arm/board/tc0/fdts/tc0_tb_fw_config.dts
+++ b/plat/arm/board/tc0/fdts/tc0_tb_fw_config.dts
@@ -24,4 +24,24 @@
mbedtls_heap_addr = <0x0 0x0>;
mbedtls_heap_size = <0x0>;
};
+
+ secure-partitions {
+ compatible = "arm,sp";
+ cactus-primary {
+ uuid = <0xb4b5671e 0x4a904fe1 0xb81ffb13 0xdae1dacb>;
+ load-address = <0xfe000000>;
+ owner = "SiP";
+ };
+
+ cactus-secondary {
+ uuid = <0xd1582309 0xf02347b9 0x827c4464 0xf5578fc8>;
+ load-address = <0xfe100000>;
+ owner = "Plat";
+ };
+
+ cactus-tertiary {
+ uuid = <0x79b55c73 0x1d8c44b9 0x859361e1 0x770ad8d2>;
+ load-address = <0xfe200000>;
+ };
+ };
};
diff --git a/plat/arm/board/tc0/include/platform_def.h b/plat/arm/board/tc0/include/platform_def.h
index 075c4037b9..72a035f0ab 100644
--- a/plat/arm/board/tc0/include/platform_def.h
+++ b/plat/arm/board/tc0/include/platform_def.h
@@ -22,6 +22,49 @@
#define PLAT_ARM_TRUSTED_SRAM_SIZE 0x00080000 /* 512 KB */
/*
+ * The top 16MB of ARM_DRAM1 is configured as secure access only using the TZC,
+ * its base is ARM_AP_TZC_DRAM1_BASE.
+ *
+ * Reserve 32MB below ARM_AP_TZC_DRAM1_BASE for:
+ * - BL32_BASE when SPD_spmd is enabled
+ * - Region to load Trusted OS
+ */
+#define TC0_TZC_DRAM1_BASE (ARM_AP_TZC_DRAM1_BASE - \
+ TC0_TZC_DRAM1_SIZE)
+#define TC0_TZC_DRAM1_SIZE UL(0x02000000) /* 32 MB */
+#define TC0_TZC_DRAM1_END (TC0_TZC_DRAM1_BASE + \
+ TC0_TZC_DRAM1_SIZE - 1)
+
+#define TC0_NS_DRAM1_BASE ARM_DRAM1_BASE
+#define TC0_NS_DRAM1_SIZE (ARM_DRAM1_SIZE - \
+ ARM_TZC_DRAM1_SIZE - \
+ TC0_TZC_DRAM1_SIZE)
+#define TC0_NS_DRAM1_END (TC0_NS_DRAM1_BASE + \
+ TC0_NS_DRAM1_SIZE - 1)
+
+/*
+ * Mappings for TC0 DRAM1 (non-secure) and TC0 TZC DRAM1 (secure)
+ */
+#define TC0_MAP_NS_DRAM1 MAP_REGION_FLAT( \
+ TC0_NS_DRAM1_BASE, \
+ TC0_NS_DRAM1_SIZE, \
+ MT_MEMORY | MT_RW | MT_NS)
+
+
+#define TC0_MAP_TZC_DRAM1 MAP_REGION_FLAT( \
+ TC0_TZC_DRAM1_BASE, \
+ TC0_TZC_DRAM1_SIZE, \
+ MT_MEMORY | MT_RW | MT_SECURE)
+/*
+ * Max size of SPMC is 2MB for tc0. With SPMD enabled this value corresponds to
+ * max size of BL32 image.
+ */
+#if defined(SPD_spmd)
+#define PLAT_ARM_SPMC_BASE TC0_TZC_DRAM1_BASE
+#define PLAT_ARM_SPMC_SIZE UL(0x200000) /* 2 MB */
+#endif
+
+/*
* PLAT_ARM_MMAP_ENTRIES depends on the number of entries in the
* plat_arm_mmap array defined for each BL stage.
*/
@@ -71,7 +114,7 @@
#if TRUSTED_BOARD_BOOT
# define PLAT_ARM_MAX_BL2_SIZE 0x1E000
#else
-# define PLAT_ARM_MAX_BL2_SIZE 0x11000
+# define PLAT_ARM_MAX_BL2_SIZE 0x14000
#endif
/*
@@ -206,4 +249,18 @@
#define PLAT_ARM_TZC_NS_DEV_ACCESS \
(TZC_REGION_ACCESS_RDWR(TZC_NSAID_DEFAULT))
+/*
+ * The first region below, TC0_TZC_DRAM1_BASE (0xfd000000) to
+ * ARM_SCP_TZC_DRAM1_END (0xffffffff) will mark the last 48 MB of DRAM as
+ * secure. The second region gives non secure access to rest of DRAM.
+ */
+#define TC0_TZC_REGIONS_DEF \
+ {TC0_TZC_DRAM1_BASE, ARM_SCP_TZC_DRAM1_END, \
+ TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS}, \
+ {TC0_NS_DRAM1_BASE, TC0_NS_DRAM1_END, ARM_TZC_NS_DRAM_S_ACCESS, \
+ PLAT_ARM_TZC_NS_DEV_ACCESS}
+
+/* virtual address used by dynamic mem_protect for chunk_base */
+#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
+
#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/tc0/platform.mk b/plat/arm/board/tc0/platform.mk
index 05d691ee23..5d2cc38c46 100644
--- a/plat/arm/board/tc0/platform.mk
+++ b/plat/arm/board/tc0/platform.mk
@@ -85,6 +85,14 @@ $(eval $(call TOOL_ADD_PAYLOAD,${FW_CONFIG},--fw-config,${FW_CONFIG}))
# Add the TB_FW_CONFIG to FIP and specify the same to certtool
$(eval $(call TOOL_ADD_PAYLOAD,${TB_FW_CONFIG},--tb-fw-config,${TB_FW_CONFIG}))
+ifeq (${SPD},spmd)
+FDT_SOURCES += ${TC0_BASE}/fdts/${PLAT}_spmc_manifest.dts
+TC0_TOS_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_spmc_manifest.dtb
+
+# Add the TOS_FW_CONFIG to FIP and specify the same to certtool
+$(eval $(call TOOL_ADD_PAYLOAD,${TC0_TOS_FW_CONFIG},--tos-fw-config,${TC0_TOS_FW_CONFIG}))
+endif
+
#Device tree
TC0_HW_CONFIG_DTS := fdts/tc0.dts
TC0_HW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}.dtb
@@ -98,6 +106,8 @@ override CTX_INCLUDE_AARCH32_REGS := 0
override CTX_INCLUDE_PAUTH_REGS := 1
+override ENABLE_SPE_FOR_LOWER_ELS := 0
+
include plat/arm/common/arm_common.mk
include plat/arm/css/common/css_common.mk
include plat/arm/soc/common/soc_css.mk
diff --git a/plat/arm/board/tc0/tc0_plat.c b/plat/arm/board/tc0/tc0_plat.c
index 05461928d2..e12ad56d81 100644
--- a/plat/arm/board/tc0/tc0_plat.c
+++ b/plat/arm/board/tc0/tc0_plat.c
@@ -38,7 +38,10 @@ const mmap_region_t plat_arm_mmap[] = {
ARM_MAP_SHARED_RAM,
TC0_FLASH0_RO,
TC0_MAP_DEVICE,
- ARM_MAP_NS_DRAM1,
+ TC0_MAP_NS_DRAM1,
+#if defined(SPD_spmd)
+ TC0_MAP_TZC_DRAM1,
+#endif
#if ARM_BL31_IN_DRAM
ARM_MAP_BL31_SEC_DRAM,
#endif
diff --git a/plat/arm/board/tc0/tc0_security.c b/plat/arm/board/tc0/tc0_security.c
index 5f1cb1159b..f543762036 100644
--- a/plat/arm/board/tc0/tc0_security.c
+++ b/plat/arm/board/tc0/tc0_security.c
@@ -8,7 +8,7 @@
#include <platform_def.h>
static const arm_tzc_regions_info_t tzc_regions[] = {
- ARM_TZC_REGIONS_DEF,
+ TC0_TZC_REGIONS_DEF,
{}
};