From: Alexandre Courbot <acourbot-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
To: Stephen Warren <swarren-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>,
Joseph Lo <josephl-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>,
Karan Jhavar <kjhavar-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>,
Varun Wadekar <vwadekar-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>,
Chris Johnson <CJohnson-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>,
Matthew Longnecker
<MLongnecker-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
Cc: gnurou-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
devicetree-discuss-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org,
linux-tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org,
Alexandre Courbot
<acourbot-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
Subject: [PATCH] ARM: tegra: add basic SecureOS support
Date: Thu, 6 Jun 2013 16:28:07 +0900 [thread overview]
Message-ID: <1370503687-17767-1-git-send-email-acourbot@nvidia.com> (raw)
Boot loaders on some Tegra devices can be unlocked but do not let the
system operate without SecureOS. SecureOS prevents access to some
registers and requires the operating system to perform certain
operations through Secure Monitor Calls instead of directly accessing
the hardware.
This patch introduces basic SecureOS support for Tegra. SecureOS support
can be enabled by adding a "nvidia,secure-os" property to the "chosen"
node of the device tree.
Currently, only the bringup of secondary CPUs is performed by SMCs, but
more operations will be added later.
Signed-off-by: Alexandre Courbot <acourbot-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
---
Documentation/devicetree/bindings/arm/tegra.txt | 8 +++
arch/arm/configs/tegra_defconfig | 1 +
arch/arm/mach-tegra/Kconfig | 11 ++++
arch/arm/mach-tegra/Makefile | 2 +
arch/arm/mach-tegra/common.c | 2 +
arch/arm/mach-tegra/reset.c | 30 +++++++----
arch/arm/mach-tegra/secureos.c | 70 +++++++++++++++++++++++++
arch/arm/mach-tegra/secureos.h | 31 +++++++++++
8 files changed, 145 insertions(+), 10 deletions(-)
create mode 100644 arch/arm/mach-tegra/secureos.c
create mode 100644 arch/arm/mach-tegra/secureos.h
diff --git a/Documentation/devicetree/bindings/arm/tegra.txt b/Documentation/devicetree/bindings/arm/tegra.txt
index ed9c853..b543091 100644
--- a/Documentation/devicetree/bindings/arm/tegra.txt
+++ b/Documentation/devicetree/bindings/arm/tegra.txt
@@ -32,3 +32,11 @@ board-specific compatible values:
nvidia,whistler
toradex,colibri_t20-512
toradex,iris
+
+Global properties
+-------------------------------------------
+
+The following properties can be specified into the "chosen" root
+node:
+
+ nvidia,secure-os: enable SecureOS.
diff --git a/arch/arm/configs/tegra_defconfig b/arch/arm/configs/tegra_defconfig
index f7ba3161..f6ed0f5 100644
--- a/arch/arm/configs/tegra_defconfig
+++ b/arch/arm/configs/tegra_defconfig
@@ -28,6 +28,7 @@ CONFIG_ARCH_TEGRA_3x_SOC=y
CONFIG_ARCH_TEGRA_114_SOC=y
CONFIG_TEGRA_PCI=y
CONFIG_TEGRA_EMC_SCALING_ENABLE=y
+CONFIG_TEGRA_SECUREOS=y
CONFIG_SMP=y
CONFIG_PREEMPT=y
CONFIG_AEABI=y
diff --git a/arch/arm/mach-tegra/Kconfig b/arch/arm/mach-tegra/Kconfig
index 84d72fc..acb5d0a 100644
--- a/arch/arm/mach-tegra/Kconfig
+++ b/arch/arm/mach-tegra/Kconfig
@@ -87,4 +87,15 @@ config TEGRA_AHB
config TEGRA_EMC_SCALING_ENABLE
bool "Enable scaling the memory frequency"
+config TEGRA_SECUREOS
+ bool "Enable SecureOS support"
+ help
+ Support for Tegra devices which bootloader sets up a
+ SecureOS environment. This will use Secure Monitor Calls
+ instead of directly accessing the hardware for some protected
+ operations.
+
+ SecureOS support is enabled by declaring a "nvidia,secure-os"
+ property into the "chosen" node of the device tree.
+
endmenu
diff --git a/arch/arm/mach-tegra/Makefile b/arch/arm/mach-tegra/Makefile
index d011f0a..3adafe6 100644
--- a/arch/arm/mach-tegra/Makefile
+++ b/arch/arm/mach-tegra/Makefile
@@ -37,3 +37,5 @@ endif
obj-$(CONFIG_ARCH_TEGRA_2x_SOC) += board-harmony-pcie.o
obj-$(CONFIG_ARCH_TEGRA_2x_SOC) += board-paz00.o
+
+obj-$(CONFIG_TEGRA_SECUREOS) += secureos.o
diff --git a/arch/arm/mach-tegra/common.c b/arch/arm/mach-tegra/common.c
index 9f852c6..b7eea02 100644
--- a/arch/arm/mach-tegra/common.c
+++ b/arch/arm/mach-tegra/common.c
@@ -37,6 +37,7 @@
#include "sleep.h"
#include "pm.h"
#include "reset.h"
+#include "secureos.h"
/*
* Storage for debug-macro.S's state.
@@ -97,6 +98,7 @@ static void __init tegra_init_cache(void)
void __init tegra_init_early(void)
{
+ tegra_init_secureos();
tegra_cpu_reset_handler_init();
tegra_apb_io_init();
tegra_init_fuse();
diff --git a/arch/arm/mach-tegra/reset.c b/arch/arm/mach-tegra/reset.c
index 1ac434e..4b9ebf9 100644
--- a/arch/arm/mach-tegra/reset.c
+++ b/arch/arm/mach-tegra/reset.c
@@ -21,38 +21,32 @@
#include <asm/cacheflush.h>
#include <asm/hardware/cache-l2x0.h>
+#include <asm/firmware.h>
#include "iomap.h"
#include "irammap.h"
#include "reset.h"
#include "sleep.h"
#include "fuse.h"
+#include "secureos.h"
#define TEGRA_IRAM_RESET_BASE (TEGRA_IRAM_BASE + \
TEGRA_IRAM_RESET_HANDLER_OFFSET)
static bool is_enabled;
-static void __init tegra_cpu_reset_handler_enable(void)
+static void __init tegra_cpu_reset_handler_set(const u32 reset_address)
{
- void __iomem *iram_base = IO_ADDRESS(TEGRA_IRAM_RESET_BASE);
void __iomem *evp_cpu_reset =
IO_ADDRESS(TEGRA_EXCEPTION_VECTORS_BASE + 0x100);
void __iomem *sb_ctrl = IO_ADDRESS(TEGRA_SB_BASE);
u32 reg;
- BUG_ON(is_enabled);
- BUG_ON(tegra_cpu_reset_handler_size > TEGRA_IRAM_RESET_HANDLER_SIZE);
-
- memcpy(iram_base, (void *)__tegra_cpu_reset_handler_start,
- tegra_cpu_reset_handler_size);
-
/*
* NOTE: This must be the one and only write to the EVP CPU reset
* vector in the entire system.
*/
- writel(TEGRA_IRAM_RESET_BASE + tegra_cpu_reset_handler_offset,
- evp_cpu_reset);
+ writel(reset_address, evp_cpu_reset);
wmb();
reg = readl(evp_cpu_reset);
@@ -66,6 +60,22 @@ static void __init tegra_cpu_reset_handler_enable(void)
writel(reg, sb_ctrl);
wmb();
}
+}
+
+static void __init tegra_cpu_reset_handler_enable(void)
+{
+ void __iomem *iram_base = IO_ADDRESS(TEGRA_IRAM_RESET_BASE);
+ const u32 reset_address = TEGRA_IRAM_RESET_BASE +
+ tegra_cpu_reset_handler_offset;
+
+ BUG_ON(is_enabled);
+ BUG_ON(tegra_cpu_reset_handler_size > TEGRA_IRAM_RESET_HANDLER_SIZE);
+
+ memcpy(iram_base, (void *)__tegra_cpu_reset_handler_start,
+ tegra_cpu_reset_handler_size);
+
+ if (call_firmware_op(set_cpu_boot_addr, 0, reset_address) == -ENOSYS)
+ tegra_cpu_reset_handler_set(reset_address);
is_enabled = true;
}
diff --git a/arch/arm/mach-tegra/secureos.c b/arch/arm/mach-tegra/secureos.c
new file mode 100644
index 0000000..44c3514
--- /dev/null
+++ b/arch/arm/mach-tegra/secureos.c
@@ -0,0 +1,70 @@
+/*
+ * SecureOS support for Tegra CPUs
+ *
+ * Copyright (c) 2013, NVIDIA Corporation.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ */
+
+#include <linux/kernel.h>
+#include <linux/init.h>
+#include <linux/of.h>
+#include <asm/firmware.h>
+
+static int __attribute__((used)) __tegra_smc_stack[10];
+
+/*
+ * With EABI, subtype and arg already end up in r0, r1 and r2 as they are
+ * function arguments, but we prefer to play safe here and explicitly move
+ * these values into the expected registers anyway. mov instructions without
+ * any side-effect are turned into nops by the assembler, which limits
+ * overhead.
+ */
+static void tegra_generic_smc(u32 type, u32 subtype, u32 arg)
+{
+ asm volatile(
+ ".arch_extension sec\n\t"
+ "ldr r3, =__tegra_smc_stack\n\t"
+ "stmia r3, {r4-r12, lr}\n\t"
+ "mov r0, %[type]\n\t"
+ "mov r1, %[subtype]\n\t"
+ "mov r2, %[arg]\n\t"
+ "mov r3, #0\n\t"
+ "mov r4, #0\n\t"
+ "dsb\n\t"
+ "smc #0\n\t"
+ "ldr r3, =__tegra_smc_stack\n\t"
+ "ldmia r3, {r4-r12, lr}"
+ :
+ : [type] "r" (type),
+ [subtype] "r" (subtype),
+ [arg] "r" (arg)
+ : "r0", "r1", "r2", "r3", "r4", "memory");
+}
+
+static int tegra_set_cpu_boot_addr(int cpu, unsigned long boot_addr)
+{
+ tegra_generic_smc(0xfffff200, boot_addr, 0);
+
+ return 0;
+}
+
+static const struct firmware_ops tegra_firmware_ops = {
+ .set_cpu_boot_addr = tegra_set_cpu_boot_addr,
+};
+
+void __init tegra_init_secureos(void)
+{
+ struct device_node *node = of_find_node_by_path("/chosen");
+
+ if (node && of_property_read_bool(node, "nvidia,secure-os"))
+ register_firmware_ops(&tegra_firmware_ops);
+}
diff --git a/arch/arm/mach-tegra/secureos.h b/arch/arm/mach-tegra/secureos.h
new file mode 100644
index 0000000..5388cc5
--- /dev/null
+++ b/arch/arm/mach-tegra/secureos.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2013, NVIDIA Corporation. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ */
+
+#ifndef __TEGRA_SECUREOS_H
+#define __TEGRA_SECUREOS_H
+
+#ifdef CONFIG_TEGRA_SECUREOS
+
+#include <linux/types.h>
+
+void tegra_init_secureos(void);
+
+#else
+
+static inline void tegra_init_secureos(void)
+{
+}
+
+#endif
+
+#endif
--
1.8.3
next reply other threads:[~2013-06-06 7:28 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-06 7:28 Alexandre Courbot [this message]
[not found] ` <1370503687-17767-1-git-send-email-acourbot-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2013-06-06 9:35 ` [PATCH] ARM: tegra: add basic SecureOS support Russell King - ARM Linux
[not found] ` <20130606093524.GM18614-l+eeeJia6m9vn6HldHNs0ANdhmdF6hFW@public.gmane.org>
2013-06-06 10:23 ` Alex Courbot
2013-06-06 10:17 ` Tomasz Figa
2013-06-06 10:37 ` Alex Courbot
2013-06-06 16:28 ` Stephen Warren
2013-06-06 11:11 ` Dave Martin
2013-06-06 11:02 ` Dave Martin
[not found] ` <20130606110240.GA3320-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2013-06-07 7:25 ` Alexandre Courbot
2013-06-07 17:30 ` Dave Martin
2013-06-10 7:47 ` Alexandre Courbot
[not found] ` <CAAVeFuJuf2hrMaM5keoai65vAAg6JLrjDUvYm4e2zQvsw64_8A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-10 9:10 ` Russell King - ARM Linux
2013-06-06 12:26 ` Jassi Brar
[not found] ` <CABb+yY2SFfejMbbYOebMCUuMtAZF3u-yc+6z_MJTG2oOeSwL_g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-07 7:13 ` Alexandre Courbot
[not found] ` <CAAVeFuKxRuLdhO+-+YHG=c-TNGUUJbDj5AHj+K5e8y1JDEDksg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-07 8:52 ` Jassi Brar
2013-06-06 16:44 ` Stephen Warren
2013-06-06 18:08 ` Dave Martin
[not found] ` <20130606180824.GC3320-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2013-06-06 18:29 ` Stephen Warren
[not found] ` <51B0D4FA.5070500-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2013-06-07 17:47 ` Dave Martin
2013-06-07 9:03 ` Alexandre Courbot
[not found] ` <CAAVeFuJkV3VVfeinLrjCCef9ZqJNvKurQwVWnJsW-bZqniTQ1w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-07 18:13 ` Dave Martin
[not found] ` <20130607181318.GC29344-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2013-06-10 8:05 ` Alexandre Courbot
[not found] ` <CAAVeFuKsa=GsxexQOSOYPYvkAXaEZXfW1+zRmv25CtFEY=T_GQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-10 11:20 ` Dave Martin
[not found] ` <51B0BC80.9040007-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2013-06-07 8:11 ` Alexandre Courbot
[not found] ` <CAAVeFu+by44HnOzv_85kwgeCx5b9TxiMhr27x69QcUj9GRbk8A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-07 16:33 ` Stephen Warren
2013-06-10 8:11 ` Alexandre Courbot
[not found] ` <CAAVeFu+UMZikdWO20c9chvBcieOAUgOhz-nTEUpevFWnPNC_ZA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-10 9:14 ` Russell King - ARM Linux
[not found] ` <20130610091415.GS18614-l+eeeJia6m9vn6HldHNs0ANdhmdF6hFW@public.gmane.org>
2013-06-10 16:35 ` Stephen Warren
2013-06-10 11:16 ` Dave Martin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1370503687-17767-1-git-send-email-acourbot@nvidia.com \
--to=acourbot-ddmlm1+adcrqt0dzr+alfa@public.gmane.org \
--cc=CJohnson-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
--cc=MLongnecker-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
--cc=devicetree-discuss-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org \
--cc=gnurou-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=josephl-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
--cc=kjhavar-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
--cc=linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=swarren-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org \
--cc=vwadekar-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).