From: Thierry Reding <treding@nvidia.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v1 3/4] jetson-tk1: Add PSCI configuration options and reserve secure code
Date: Fri, 16 Jan 2015 09:52:25 +0100 [thread overview]
Message-ID: <20150116085224.GA9170@ulmo.nvidia.com> (raw)
In-Reply-To: <54B85450.1030504@wwwdotorg.org>
On Thu, Jan 15, 2015 at 04:59:12PM -0700, Stephen Warren wrote:
> On 01/13/2015 12:45 PM, Ian Campbell wrote:
> >The secure world code is relocated to the MB just below the top of 4G, we
> >reserve it in the FDT (by setting CONFIG_ARMV7_SECURE_RESERVE_SIZE) but it is
> >not protected in h/w. See next patch.
>
> >diff --git a/include/configs/jetson-tk1.h b/include/configs/jetson-tk1.h
>
> >+#define CONFIG_ARMV7_PSCI 1
> >+/* Reserve top 1M for secure RAM */
> >+#define CONFIG_ARMV7_SECURE_BASE 0xfff00000
> >+#define CONFIG_ARMV7_SECURE_RESERVE_SIZE 0x00100000
>
> I /think/ the assumption in the existing code is that
> CONFIG_ARMV7_SECURE_BASE is the base of some out-of-DRAM secure memory, and
> hence that's why arch/arm/cpu/armv7/virt-dt.c() only reserves memory if that
> symbol is *not* set? That seems like rather a confusing semantic given the
> variable name. Introducing a new define that looks like it's simply the size
> of that region but actually changes the reservation semantics makes the
> situation worse for me.
>
> Wouldn't it be better to have:
>
> CONFIG_ARMV7_SECURE_BASE defines where the secure code is copied to.
>
> CONFIG_ARMV7_SECURE_BASE_IS_IN_DRAM defines the obvious; whether the secure
> base is in DRAM or not.
>
> That define would default to unset and you'd get the current behaviour.
>
> If that define was set, then CONFIG_ARMV7_SECURE_BASE through
> CONFIG_ARMV7_SECURE_BASE + (__secure_end - __secure_start) would be reserved
> in RAM?
>
> That way, armv7_update_dt would be more like:
>
> int armv7_update_dt(void *fdt)
> {
> #if defined(CONFIG_ARMV7_SECURE_BASE_IS_IN_DRAM) || \
> !defined(CONFIG_ARMV7_SECURE_BASE)
> /* secure code lives in RAM, keep it alive */
> #if defined(CONFIG_ARMV7_SECURE_BASE)
> base = CONFIG_ARMV7_SECURE_BASE;
> #else
> base = __secure_start;
> #endif
> fdt_add_mem_rsv(fdt, base, __secure_end - __secure_start);
> #endif
>
> return fdt_psci(fdt);
> }
As I understand it, one of the purposes of the RESERVE_SIZE is that
hardware may not allow regions of arbitrary size to be reserved. On
Tegra for example I think the restriction is that memory can only be
secured on 1 MiB boundaries.
So unless explicitly specified we'd need a way for platforms to be able
to adjust the reserved region accordingly.
Thierry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20150116/428f8694/attachment.pgp>
next prev parent reply other threads:[~2015-01-16 8:52 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-13 19:44 [U-Boot] [PATCH v1 0/4] Jetson-TK1 support for PSCI Ian Campbell
2015-01-13 19:45 ` [U-Boot] [PATCH v1 1/4] tegra124: Add more registers to struct mc_ctlr Ian Campbell
2015-01-15 23:37 ` Stephen Warren
2015-01-16 9:32 ` Ian Campbell
2015-01-13 19:45 ` [U-Boot] [PATCH v1 2/4] virt-dt: Allow reservation of the secure region when it is in a RAM carveout Ian Campbell
2015-01-15 23:49 ` Stephen Warren
2015-01-16 9:33 ` Ian Campbell
2015-01-18 18:06 ` Ian Campbell
2015-01-13 19:45 ` [U-Boot] [PATCH v1 3/4] jetson-tk1: Add PSCI configuration options and reserve secure code Ian Campbell
2015-01-15 23:59 ` Stephen Warren
2015-01-16 8:52 ` Thierry Reding [this message]
2015-01-16 9:39 ` Ian Campbell
2015-01-19 17:17 ` Stephen Warren
2015-01-13 19:46 ` [U-Boot] [PATCH v1 4/4] tegra124: Reserve secure RAM using MC_SECURITY_CFG{0, 1}_0 Ian Campbell
2015-01-14 7:57 ` [U-Boot] [PATCH v1 0/4] Jetson-TK1 support for PSCI Thierry Reding
2015-01-14 8:58 ` Ian Campbell
2015-01-15 14:55 ` Thierry Reding
2015-01-16 9:43 ` Ian Campbell
2015-01-16 10:05 ` Thierry Reding
2015-01-16 10:24 ` Ian Campbell
2015-01-16 16:03 ` Thierry Reding
2015-01-16 16:11 ` Ian Campbell
2015-01-19 9:25 ` Thierry Reding
2015-01-19 12:09 ` Ian Campbell
2015-01-15 19:19 ` Mark Rutland
2015-01-16 9:12 ` Thierry Reding
2015-01-22 19:20 ` Mark Rutland
2015-01-23 10:10 ` Thierry Reding
2015-01-23 12:37 ` Mark Rutland
2015-01-23 14:08 ` Mark Rutland
2015-01-30 12:20 ` Thierry Reding
2015-02-05 11:44 ` Thierry Reding
2015-02-05 12:01 ` Ian Campbell
2015-02-05 12:37 ` Mark Rutland
2015-02-05 13:55 ` Thierry Reding
2015-02-05 14:37 ` Ian Campbell
2015-02-09 11:26 ` Mark Rutland
2015-02-14 15:08 ` Jan Kiszka
2015-02-19 9:20 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150116085224.GA9170@ulmo.nvidia.com \
--to=treding@nvidia.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox