From patchwork Mon Apr 13 04:48:13 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 460633 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 0A2651402F4 for ; Mon, 13 Apr 2015 14:50:38 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id C4BEEA7440; Mon, 13 Apr 2015 06:49:55 +0200 (CEST) X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References" Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l6E5JAvAyP1y; Mon, 13 Apr 2015 06:49:55 +0200 (CEST) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id EB35FA747E; Mon, 13 Apr 2015 06:49:12 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id A6865A742B for ; Mon, 13 Apr 2015 06:48:49 +0200 (CEST) X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References" Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vsckNULF_MzK for ; Mon, 13 Apr 2015 06:48:49 +0200 (CEST) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from thoth.sbs.de (thoth.sbs.de [192.35.17.2]) by theia.denx.de (Postfix) with ESMTPS id F29134A039 for ; Mon, 13 Apr 2015 06:48:47 +0200 (CEST) Received: from mail1.siemens.de (localhost [127.0.0.1]) by thoth.sbs.de (8.14.3/8.14.3) with ESMTP id t3D4mRVQ009016; Mon, 13 Apr 2015 06:48:27 +0200 Received: from md1f2u6c.ww002.siemens.net (md1czxqc.ww300.siemens.net [139.22.39.75]) by mail1.siemens.de (8.14.3/8.14.3) with SMTP id t3D4mMCV024251; Mon, 13 Apr 2015 06:48:26 +0200 From: Jan Kiszka To: U-Boot Mailing List , Tom Rini Date: Mon, 13 Apr 2015 06:48:13 +0200 Message-Id: <08248823ed50fab0f667e7766e397604c7f2877b.1428900500.git.jan.kiszka@siemens.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: References: In-Reply-To: References: Cc: Tom Warren , Paul Walmsley , Ian Campbell , Thierry Reding Subject: [U-Boot] [PATCH v6 08/15] virt-dt: Allow reservation of secure region when in a RAM carveout X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.15 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" In this case the secure code lives in RAM, and hence the memory node in the device tree needs to be adjusted. This avoids that the OS will map and possibly access the reservation. Add support for setting CONFIG_ARMV7_SECURE_RESERVE_SIZE to carve out such a region. We only support cutting off memory from the beginning or the end of a RAM bank as we do not want to increase their number (which would happen if punching a hole) for simplicity reasons This will be used in a subsequent patch for Jetson-TK1. Signed-off-by: Jan Kiszka Reviewed-by: Thierry Reding Tested-by: Thierry Reding Tested-by: Ian Campbell --- arch/arm/cpu/armv7/virt-dt.c | 29 +++++++++++++++++++++++++++++ arch/arm/include/asm/armv7.h | 1 + arch/arm/lib/bootm-fdt.c | 6 ++++++ 3 files changed, 36 insertions(+) diff --git a/arch/arm/cpu/armv7/virt-dt.c b/arch/arm/cpu/armv7/virt-dt.c index 9408e33..6b86018 100644 --- a/arch/arm/cpu/armv7/virt-dt.c +++ b/arch/arm/cpu/armv7/virt-dt.c @@ -16,6 +16,7 @@ */ #include +#include #include #include #include @@ -88,6 +89,34 @@ static int fdt_psci(void *fdt) return 0; } +int armv7_apply_memory_carveout(u64 *start, u64 *size) +{ +#ifdef CONFIG_ARMV7_SECURE_RESERVE_SIZE + if (*start + *size < CONFIG_ARMV7_SECURE_BASE || + *start >= (u64)CONFIG_ARMV7_SECURE_BASE + + CONFIG_ARMV7_SECURE_RESERVE_SIZE) + return 0; + + /* carveout must be at the beginning or the end of the bank */ + if (*start == CONFIG_ARMV7_SECURE_BASE || + *start + *size == (u64)CONFIG_ARMV7_SECURE_BASE + + CONFIG_ARMV7_SECURE_RESERVE_SIZE) { + if (*size < CONFIG_ARMV7_SECURE_RESERVE_SIZE) { + debug("Secure monitor larger than RAM bank!?\n"); + return -EINVAL; + } + *size -= CONFIG_ARMV7_SECURE_RESERVE_SIZE; + if (*start == CONFIG_ARMV7_SECURE_BASE) + *start += CONFIG_ARMV7_SECURE_RESERVE_SIZE; + return 0; + } + debug("Secure monitor not located at beginning or end of RAM bank\n"); + return -EINVAL; +#else /* !CONFIG_ARMV7_SECURE_RESERVE_SIZE */ + return 0; +#endif +} + int psci_update_dt(void *fdt) { #if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) diff --git a/arch/arm/include/asm/armv7.h b/arch/arm/include/asm/armv7.h index 58d8b16..77adb24 100644 --- a/arch/arm/include/asm/armv7.h +++ b/arch/arm/include/asm/armv7.h @@ -124,6 +124,7 @@ void v7_outer_cache_inval_range(u32 start, u32 end); #if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) int armv7_init_nonsec(void); +int armv7_apply_memory_carveout(u64 *start, u64 *size); bool armv7_boot_nonsec(void); /* defined in assembly file */ diff --git a/arch/arm/lib/bootm-fdt.c b/arch/arm/lib/bootm-fdt.c index 665a3bc..2b9cf3c 100644 --- a/arch/arm/lib/bootm-fdt.c +++ b/arch/arm/lib/bootm-fdt.c @@ -17,6 +17,7 @@ #include #include +#include #include DECLARE_GLOBAL_DATA_PTR; @@ -31,6 +32,11 @@ int arch_fixup_fdt(void *blob) for (bank = 0; bank < CONFIG_NR_DRAM_BANKS; bank++) { start[bank] = bd->bi_dram[bank].start; size[bank] = bd->bi_dram[bank].size; +#if defined(CONFIG_ARMV7_NONSEC) || defined(CONFIG_ARMV7_VIRT) + ret = armv7_apply_memory_carveout(&start[bank], &size[bank]); + if (ret) + return ret; +#endif } ret = fdt_fixup_memory_banks(blob, start, size, CONFIG_NR_DRAM_BANKS);