feat(ethos-n): add separate RO and RW NSAIDs

To be able to further restrict the memory access for the Arm(R) Ethos(TM)-N NPU, separate read-only and read/write NSAIDs for the non-protected and protected memory have been added to the Juno platform's TZMP1 TZC configuration for the NPU. The platform definition has been updated accordingly and the NPU driver will now only give read/write access to the streams that require it. Signed-off-by: Mikael Olsson <mikael.olsson@arm.com> Change-Id: I5a173500fc1943a5cd406a3b379e1f1f554eeda6
2025-04-16 17:44:19 +00:00 · 2023-03-14 18:29:06 +01:00 · 2023-03-14 18:29:06 +01:00 · 986c4e991a
commit 986c4e991a
parent 6dcf3e7744
4 changed files with 56 additions and 19 deletions
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@ -582,10 +582,25 @@ enabled, the following constants must also be defined.
  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use to
  access the protected memory that contains the NPU's firmware.

- **ARM_ETHOSN_NPU_PROT_DATA_NSAID**
+- **ARM_ETHOSN_NPU_PROT_DATA_RW_NSAID**

-  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use to
-  access the protected memory that contains inference data.
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read/write access to the protected memory that contains inference data.
+
+- **ARM_ETHOSN_NPU_PROT_DATA_RO_NSAID**
+
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read-only access to the protected memory that contains inference data.
+
+- **ARM_ETHOSN_NPU_NS_RW_DATA_NSAID**
+
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read/write access to the non-protected memory.
+
+- **ARM_ETHOSN_NPU_NS_RO_DATA_NSAID**
+
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read-only access to the non-protected memory.

 - **ARM_ETHOSN_NPU_FW_IMAGE_BASE** and **ARM_ETHOSN_NPU_FW_IMAGE_LIMIT**

--- a/drivers/arm/ethosn/ethosn_smc.c
+++ b/drivers/arm/ethosn/ethosn_smc.c
@ -94,11 +94,12 @@
 #define SEC_NPU_ID_REG			U(0xF000)
 #define SEC_NPU_ID_ARCH_VER_SHIFT	U(0X10)

-#define FIRMWARE_STREAM_INDEX           U(0x0)
+#define FIRMWARE_STREAM_INDEX		U(0x0)
+#define WORKING_STREAM_INDEX		U(0x1)
 #define PLE_STREAM_INDEX		U(0x4)
-#define INPUT_STREAM_INDEX              U(0x6)
-#define INTERMEDIATE_STREAM_INDEX       U(0x7)
-#define OUTPUT_STREAM_INDEX             U(0x8)
+#define INPUT_STREAM_INDEX		U(0x6)
+#define INTERMEDIATE_STREAM_INDEX	U(0x7)
+#define OUTPUT_STREAM_INDEX		U(0x8)

 #define TO_EXTEND_ADDR(addr) \
 	((addr >> SEC_ADDR_EXT_SHIFT) & SEC_ADDR_EXT_MASK)
@ -154,16 +155,23 @@ static void ethosn_configure_stream_nsaid(const struct ethosn_core_t *core,
 					  bool is_protected)
 {
 	size_t i;
-	uint32_t streams[9] = {0, 0, 0, 0, 0, 0, 0, 0, 0};
+	uint32_t streams[9] = {[0 ... 8] = ARM_ETHOSN_NPU_NS_RO_DATA_NSAID};

 	streams[FIRMWARE_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_FW_NSAID;
 	streams[PLE_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_FW_NSAID;

+	streams[WORKING_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+
 	if (is_protected) {
-		streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_DATA_NSAID;
+		streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_RO_DATA_NSAID;
 		streams[INTERMEDIATE_STREAM_INDEX] =
-			ARM_ETHOSN_NPU_PROT_DATA_NSAID;
-		streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_DATA_NSAID;
+			ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID;
+		streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID;
+	} else {
+		streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RO_DATA_NSAID;
+		streams[INTERMEDIATE_STREAM_INDEX] =
+			ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+		streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
 	}

 	for (i = 0U; i < ARRAY_SIZE(streams); ++i) {
--- a/plat/arm/board/juno/include/platform_def.h
+++ b/plat/arm/board/juno/include/platform_def.h
@ -327,9 +327,14 @@

 /* Protected NSAIDs and memory regions for the Arm(R) Ethos(TM)-N NPU driver */
 #ifdef JUNO_ETHOSN_TZMP1
-#define ARM_ETHOSN_NPU_PROT_FW_NSAID	JUNO_ETHOSN_TZC400_NSAID_FW_PROT
-#define ARM_ETHOSN_NPU_PROT_DATA_NSAID	JUNO_ETHOSN_TZC400_NSAID_DATA_PROT
-#define ARM_ETHOSN_NPU_FW_IMAGE_BASE	JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE
+#define ARM_ETHOSN_NPU_PROT_FW_NSAID		JUNO_ETHOSN_TZC400_NSAID_FW_PROT
+#define ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID	JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT
+#define ARM_ETHOSN_NPU_PROT_RO_DATA_NSAID	JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT
+
+#define ARM_ETHOSN_NPU_NS_RW_DATA_NSAID		JUNO_ETHOSN_TZC400_NSAID_DATA_RW_NS
+#define ARM_ETHOSN_NPU_NS_RO_DATA_NSAID		JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS
+
+#define ARM_ETHOSN_NPU_FW_IMAGE_BASE		JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE
 #define ARM_ETHOSN_NPU_FW_IMAGE_LIMIT \
 	(JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE + JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE)
 #endif
--- a/plat/arm/board/juno/juno_ethosn_tzmp1_def.h
+++ b/plat/arm/board/juno/juno_ethosn_tzmp1_def.h
@ -7,8 +7,13 @@
 #ifndef JUNO_ETHOSN_TZMP1_DEF_H
 #define JUNO_ETHOSN_TZMP1_DEF_H

-#define JUNO_ETHOSN_TZC400_NSAID_FW_PROT        7
-#define JUNO_ETHOSN_TZC400_NSAID_DATA_PROT      8
+#define JUNO_ETHOSN_TZC400_NSAID_FW_PROT	7
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT	8
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT	13
+
+/* 0 is the default NSAID and is included in PLAT_ARM_TZC_NS_DEV_ACCESS */
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RW_NS	0
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS	14

 #define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE      UL(0x000400000) /* 4 MB */
 #define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE      (ARM_DRAM2_BASE)
@ -32,13 +37,17 @@
 #define JUNO_FW_TZC_PROT_ACCESS	\
 	(TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_FW_PROT))
 #define JUNO_DATA_TZC_PROT_ACCESS \
-	(TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_DATA_PROT))
+	(TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT) | \
+	 TZC_REGION_ACCESS_RD(JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT))
+#define JUNO_DATA_TZC_NS_ACCESS \
+	(PLAT_ARM_TZC_NS_DEV_ACCESS | \
+	 TZC_REGION_ACCESS_RD(JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS))

 #define JUNO_ETHOSN_TZMP_REGIONS_DEF					  \
 	{ ARM_AP_TZC_DRAM1_BASE, ARM_EL3_TZC_DRAM1_END + ARM_L1_GPT_SIZE, \
 	  TZC_REGION_S_RDWR, 0 },					  \
 	{ ARM_NS_DRAM1_BASE, ARM_NS_DRAM1_END,				  \
-	  ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS },	  \
+	  ARM_TZC_NS_DRAM_S_ACCESS, JUNO_DATA_TZC_NS_ACCESS},		  \
 	{ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE,				  \
 	  JUNO_ETHOSN_FW_TZC_PROT_DRAM2_END,				  \
 	  TZC_REGION_S_RDWR, JUNO_FW_TZC_PROT_ACCESS },			  \
@ -46,6 +55,6 @@
 	  JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END,				  \
 	  TZC_REGION_S_NONE, JUNO_DATA_TZC_PROT_ACCESS },		  \
 	{ JUNO_ETHOSN_NS_DRAM2_BASE, JUNO_ETHOSN_NS_DRAM2_END,		  \
-	  ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS }
+	  ARM_TZC_NS_DRAM_S_ACCESS, JUNO_DATA_TZC_NS_ACCESS}

 #endif /* JUNO_ETHOSN_TZMP1_DEF_H */