From patchwork Thu Aug 13 09:46:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrice CHOTARD X-Patchwork-Id: 1344184 X-Patchwork-Delegate: sjg@chromium.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=st.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=st.com header.i=@st.com header.a=rsa-sha256 header.s=STMicroelectronics header.b=rMw+cvU6; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4BS1vW6WQcz9sTH for ; Thu, 13 Aug 2020 19:47:35 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 4761D81C1D; Thu, 13 Aug 2020 11:47:27 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=st.com header.i=@st.com header.b="rMw+cvU6"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id B473381C1D; Thu, 13 Aug 2020 11:47:25 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 00E1181B5E for ; Thu, 13 Aug 2020 11:47:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=patrice.chotard@st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 07D9gLBH014716; Thu, 13 Aug 2020 11:47:18 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=st.com; h=from : to : cc : subject : date : message-id : mime-version : content-type; s=STMicroelectronics; bh=mTk/B8ID3fJkR6cX22luZeR6zaLo6Oa4uyUjBnxPivA=; b=rMw+cvU6KSI55GpyGFbVfO2s+gmq7Loi058fjH6QRBIHjaZMXPJQzryWOu3JM43ZriXN W5r27Q8atAYp3IvpUhtndhcxoHec/1k9QVIFxeTl1BAjix4mjKmVl70wcgG60SFVSTyH xYvV1Tm4+nQ6UuAeGf1kWn+Yqsk4iMtiTB9t5BL88h+OlH/lqjgRWqeie+JsOJ5uC52c n20jMYQyDUGt8nEjNh2ZI7tAIe63mbYQtt36hBP+8CB8tEDNyx0isXu+9uK77EOwnXsq SKZSi2X+PtP4vIIX7kYeQBGtPCwRgM2u89d33jAnxzMYwzHWa4UQ+XRmWkDBrrAC6gl8 Gw== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 32smf9n1dj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 13 Aug 2020 11:47:18 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 6B80210002A; Thu, 13 Aug 2020 11:47:17 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag6node3.st.com [10.75.127.18]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 5E6C821F170; Thu, 13 Aug 2020 11:47:17 +0200 (CEST) Received: from localhost (10.75.127.45) by SFHDAG6NODE3.st.com (10.75.127.18) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 13 Aug 2020 11:47:16 +0200 From: Patrice Chotard To: CC: Patrice CHOTARD , Patrick DELAUNAY , U-Boot STM32 , Etienne Carriere , Bryan O'Donoghue , Simon Glass Subject: [PATCH 1/2] fdtdec: optionally add property no-map to created reserved memory node Date: Thu, 13 Aug 2020 11:46:57 +0200 Message-ID: <20200813114650.1.I2dff760694d84d8bb1f8dc4ec03a5572681e4e8d@changeid> X-Mailer: git-send-email 2.17.1 MIME-Version: 1.0 X-Originating-IP: [10.75.127.45] X-ClientProxiedBy: SFHDAG1NODE1.st.com (10.75.127.1) To SFHDAG6NODE3.st.com (10.75.127.18) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-08-13_06:2020-08-13, 2020-08-13 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.3 at phobos.denx.de X-Virus-Status: Clean From: Etienne Carriere Add boolean input argument @no_map to helper function fdtdec_add_reserved_memory() to add "no-map" property for an added reserved memory node. This is needed for example when the reserved memory relates to secure memory that the dear Linux kernel shall not even map unless what non-secure world speculative accesses of the CPU can violate the memory firmware configuration. No function change. A later change will update to OPTEE library to add no-map property to OP-TEE reserved memory nodes. Signed-off-by: Etienne Carriere Signed-off-by: Patrice Chotard --- include/fdtdec.h | 5 +++-- lib/fdtdec.c | 10 ++++++++-- lib/optee/optee.c | 2 +- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/include/fdtdec.h b/include/fdtdec.h index 760b392bdf..ad2b0879d7 100644 --- a/include/fdtdec.h +++ b/include/fdtdec.h @@ -999,7 +999,7 @@ static inline int fdtdec_set_phandle(void *blob, int node, uint32_t phandle) * }; * uint32_t phandle; * - * fdtdec_add_reserved_memory(fdt, "framebuffer", &fb, &phandle); + * fdtdec_add_reserved_memory(fdt, "framebuffer", &fb, &phandle, false); * * This results in the following subnode being added to the top-level * /reserved-memory node: @@ -1026,11 +1026,12 @@ static inline int fdtdec_set_phandle(void *blob, int node, uint32_t phandle) * @param carveout information about the carveout region * @param phandlep return location for the phandle of the carveout region * can be NULL if no phandle should be added + * @param no_map add "no-map" property if true * @return 0 on success or a negative error code on failure */ int fdtdec_add_reserved_memory(void *blob, const char *basename, const struct fdt_memory *carveout, - uint32_t *phandlep); + uint32_t *phandlep, bool no_map); /** * fdtdec_get_carveout() - reads a carveout from an FDT diff --git a/lib/fdtdec.c b/lib/fdtdec.c index 78576b530f..303455e44b 100644 --- a/lib/fdtdec.c +++ b/lib/fdtdec.c @@ -1255,7 +1255,7 @@ static int fdtdec_init_reserved_memory(void *blob) int fdtdec_add_reserved_memory(void *blob, const char *basename, const struct fdt_memory *carveout, - uint32_t *phandlep) + uint32_t *phandlep, bool no_map) { fdt32_t cells[4] = {}, *ptr = cells; uint32_t upper, lower, phandle; @@ -1355,6 +1355,12 @@ int fdtdec_add_reserved_memory(void *blob, const char *basename, if (err < 0) return err; + if (no_map) { + err = fdt_setprop(blob, node, "no-map", NULL, 0); + if (err < 0) + return err; + } + /* return the phandle for the new node for the caller to use */ if (phandlep) *phandlep = phandle; @@ -1420,7 +1426,7 @@ int fdtdec_set_carveout(void *blob, const char *node, const char *prop_name, fdt32_t value; void *prop; - err = fdtdec_add_reserved_memory(blob, name, carveout, &phandle); + err = fdtdec_add_reserved_memory(blob, name, carveout, &phandle, false); if (err < 0) { debug("failed to add reserved memory: %d\n", err); return err; diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 457d4cca8a..963c2ff430 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -192,7 +192,7 @@ int optee_copy_fdt_nodes(const void *old_blob, void *new_blob) ret = fdtdec_add_reserved_memory(new_blob, nodename, &carveout, - NULL); + NULL, false); free(oldname); if (ret < 0) From patchwork Thu Aug 13 09:46:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrice CHOTARD X-Patchwork-Id: 1344185 X-Patchwork-Delegate: sjg@chromium.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=st.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=st.com header.i=@st.com header.a=rsa-sha256 header.s=STMicroelectronics header.b=RQdmzcjX; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4BS1vf282fz9sTH for ; Thu, 13 Aug 2020 19:47:42 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 109DE82224; Thu, 13 Aug 2020 11:47:32 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=st.com header.i=@st.com header.b="RQdmzcjX"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 7578D8221F; Thu, 13 Aug 2020 11:47:30 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 419F881C0C for ; Thu, 13 Aug 2020 11:47:27 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=patrice.chotard@st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 07D9gR06014991; Thu, 13 Aug 2020 11:47:25 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=STMicroelectronics; bh=K3vuUuDoDNolrpwM4VEI23u5AY8WlgS4OEbPFolC0sg=; b=RQdmzcjX72vRUcWwdpAM9L9NCfjXC/jSD190to1/yJqurbOZZCKEuuePxGN859KzVrEk bPEE8ONIFQmviit9cIO6HCkkRR0Wbo1OqCQL3Pqy1JVM8KoxB2BtwLG2WZycHuURX4Bd ud90TnNa7+IObtKf5Cm5hpVVUIsGqV64Um2IySeBqa2S3Vi3bxqREPbmXADYrYCgsgNF KDkEkhQO4011YBBFaPoEhGbtyQtVIAuoPV3yJTly4Gx9qek/lcoJklZPNvl872hMIkW0 CeXTlX43SNE4XV/Ds4B+M1mPxc8DCH3rL4U9vjl3CijYNfTIH+gPr22K8wEv22LvQvUn Zg== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 32smf9n1e2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 13 Aug 2020 11:47:25 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id C25CA10002A; Thu, 13 Aug 2020 11:47:24 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag6node3.st.com [10.75.127.18]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id B82D321F66D; Thu, 13 Aug 2020 11:47:24 +0200 (CEST) Received: from localhost (10.75.127.44) by SFHDAG6NODE3.st.com (10.75.127.18) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 13 Aug 2020 11:47:24 +0200 From: Patrice Chotard To: CC: Patrice CHOTARD , Patrick DELAUNAY , U-Boot STM32 , Etienne Carriere , Bryan O'Donoghue Subject: [PATCH 2/2] optee: add property no-map to secure reserved memory Date: Thu, 13 Aug 2020 11:46:58 +0200 Message-ID: <20200813114650.2.I1b5c7dcf6c43efa10d18b4bc707055fc15fb36ca@changeid> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200813114650.1.I2dff760694d84d8bb1f8dc4ec03a5572681e4e8d@changeid> References: <20200813114650.1.I2dff760694d84d8bb1f8dc4ec03a5572681e4e8d@changeid> MIME-Version: 1.0 X-Originating-IP: [10.75.127.44] X-ClientProxiedBy: SFHDAG5NODE1.st.com (10.75.127.13) To SFHDAG6NODE3.st.com (10.75.127.18) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-08-13_06:2020-08-13, 2020-08-13 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.3 at phobos.denx.de X-Virus-Status: Clean From: Etienne Carriere OP-TEE reserved memory node must set property "no-map" to prevent Linux kernel from mapping secure memory unless what non-secure world speculative accesses of the CPU can violate the memory firmware configuration. Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree") Signed-off-by: Etienne Carriere Signed-off-by: Patrice Chotard --- lib/optee/optee.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 963c2ff430..9e6606568f 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -192,7 +192,7 @@ int optee_copy_fdt_nodes(const void *old_blob, void *new_blob) ret = fdtdec_add_reserved_memory(new_blob, nodename, &carveout, - NULL, false); + NULL, true); free(oldname); if (ret < 0)