From patchwork Wed Feb 18 08:14:00 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 440819 X-Patchwork-Delegate: albert.aribaud@free.fr Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 49F0614017E for ; Wed, 18 Feb 2015 19:15:12 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 350224A046; Wed, 18 Feb 2015 09:15:04 +0100 (CET) X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References" Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yWCNPjPra7Hc; Wed, 18 Feb 2015 09:15:04 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id D41C04B624; Wed, 18 Feb 2015 09:14:42 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 59B624A04E for ; Wed, 18 Feb 2015 09:14:33 +0100 (CET) X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References" Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ow6DFz_8JeUM for ; Wed, 18 Feb 2015 09:14:33 +0100 (CET) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from david.siemens.de (david.siemens.de [192.35.17.14]) by theia.denx.de (Postfix) with ESMTPS id 33B6A4B05B for ; Wed, 18 Feb 2015 09:14:25 +0100 (CET) Received: from mail1.siemens.de (localhost [127.0.0.1]) by david.siemens.de (8.14.3/8.14.3) with ESMTP id t1I8ECSp008152; Wed, 18 Feb 2015 09:14:12 +0100 Received: from md1f2u6c.ww002.siemens.net ([139.22.39.106]) by mail1.siemens.de (8.14.3/8.14.3) with SMTP id t1I8E86S026156; Wed, 18 Feb 2015 09:14:11 +0100 From: Jan Kiszka To: U-Boot Mailing List , Tom Warren Date: Wed, 18 Feb 2015 09:14:00 +0100 Message-Id: <9294cccc9d4df4a531ad3ee1256dab09a18c9c12.1424247246.git.jan.kiszka@siemens.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: References: In-Reply-To: References: Cc: Paul Walmsley , Ian Campbell , Thierry Reding Subject: [U-Boot] [PATCH v3 06/12] virt-dt: Allow reservation of secure region when in a RAM carveout X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.15 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" In this case the secure code lives in RAM, and hence the memory node in the device tree needs to be adjusted. This avoids that the OS will map and possibly access the reservation. Add support for setting CONFIG_ARMV7_SECURE_RESERVE_SIZE to carve out such a region. We only support cutting off memory from the beginning or the end of a RAM bank as we do not want to increase their number (which would happen if punching a hole) for simplicity reasons This will be used in a subsequent patch for Jetson-TK1. Signed-off-by: Jan Kiszka --- arch/arm/cpu/armv7/virt-dt.c | 27 +++++++++++++++++++++++++++ arch/arm/include/asm/armv7.h | 1 + arch/arm/lib/bootm-fdt.c | 5 +++++ 3 files changed, 33 insertions(+) diff --git a/arch/arm/cpu/armv7/virt-dt.c b/arch/arm/cpu/armv7/virt-dt.c index ad19e4c..1d24437 100644 --- a/arch/arm/cpu/armv7/virt-dt.c +++ b/arch/arm/cpu/armv7/virt-dt.c @@ -16,6 +16,7 @@ */ #include +#include #include #include #include @@ -88,6 +89,32 @@ static int fdt_psci(void *fdt) return 0; } +int armv7_apply_memory_carveout(u64 *start, u64 *size) +{ +#ifdef CONFIG_ARMV7_SECURE_RESERVE_SIZE + if (*start + *size < CONFIG_ARMV7_SECURE_BASE || + *start >= (u64)CONFIG_ARMV7_SECURE_BASE + + CONFIG_ARMV7_SECURE_RESERVE_SIZE) + return 0; + + /* carveout must be at the beginning or the end of the bank */ + if (*start == CONFIG_ARMV7_SECURE_BASE || + *start + *size == (u64)CONFIG_ARMV7_SECURE_BASE + + CONFIG_ARMV7_SECURE_RESERVE_SIZE) { + if (*size < CONFIG_ARMV7_SECURE_RESERVE_SIZE) { + debug("Secure monitor larger than RAM bank!?\n"); + return -EINVAL; + } + *size -= CONFIG_ARMV7_SECURE_RESERVE_SIZE; + if (*start == CONFIG_ARMV7_SECURE_BASE) + *start += CONFIG_ARMV7_SECURE_RESERVE_SIZE; + return 0; + } + debug("Secure monitor not located at beginning or end of RAM bank\n"); + return -EINVAL; +#endif +} + int armv7_update_dt(void *fdt) { if (!armv7_boot_nonsec()) diff --git a/arch/arm/include/asm/armv7.h b/arch/arm/include/asm/armv7.h index a13da23..e06dfc9 100644 --- a/arch/arm/include/asm/armv7.h +++ b/arch/arm/include/asm/armv7.h @@ -79,6 +79,7 @@ void v7_outer_cache_inval_range(u32 start, u32 end); #if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) int armv7_init_nonsec(void); +int armv7_apply_memory_carveout(u64 *start, u64 *size); int armv7_update_dt(void *fdt); bool armv7_boot_nonsec(void); diff --git a/arch/arm/lib/bootm-fdt.c b/arch/arm/lib/bootm-fdt.c index d4f1578..7b88739 100644 --- a/arch/arm/lib/bootm-fdt.c +++ b/arch/arm/lib/bootm-fdt.c @@ -31,6 +31,11 @@ int arch_fixup_fdt(void *blob) for (bank = 0; bank < CONFIG_NR_DRAM_BANKS; bank++) { start[bank] = bd->bi_dram[bank].start; size[bank] = bd->bi_dram[bank].size; +#if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) + ret = armv7_apply_memory_carveout(&start[bank], &size[bank]); + if (ret) + return ret; +#endif } ret = fdt_fixup_memory_banks(blob, start, size, CONFIG_NR_DRAM_BANKS);