From ae2b4a5494f9b4985fc2434e543ab0921e3b5a34 Mon Sep 17 00:00:00 2001 From: "rutigl@gmail.com" Date: Mon, 19 Feb 2024 12:51:22 +0200 Subject: [PATCH] fix(nuvoton): gfx frame buffer memory corruption during secondary boot gfx frame buffer memory corruption because of moving TF-A to DDR Change-Id: I6f1e0c8d048273b8047497adec631160aaf393d6 Signed-off-by: Margarita Glushkin --- .../plat/nuvoton/common/npcm845x_arm_def.h | 16 +++++-- include/plat/nuvoton/common/plat_macros.S | 3 +- plat/nuvoton/common/nuvoton_helpers.S | 2 +- plat/nuvoton/npcm845x/npcm845x_bl31_setup.c | 30 ++++++++---- plat/nuvoton/npcm845x/platform.mk | 48 ++++++++++++++++++- 5 files changed, 84 insertions(+), 15 deletions(-) diff --git a/include/plat/nuvoton/common/npcm845x_arm_def.h b/include/plat/nuvoton/common/npcm845x_arm_def.h index 5a44907f6..df3ad243c 100644 --- a/include/plat/nuvoton/common/npcm845x_arm_def.h +++ b/include/plat/nuvoton/common/npcm845x_arm_def.h @@ -149,7 +149,16 @@ ARM_AP_TZC_DRAM1_SIZE - 1U) /* Define the Access permissions for Secure peripherals to NS_DRAM */ +#if ARM_CRYPTOCELL_INTEG +/* + * Allow Secure peripheral to read NS DRAM when integrated with CryptoCell. + * This is required by CryptoCell to authenticate BL33 which is loaded + * into the Non Secure DDR. + */ +#define ARM_TZC_NS_DRAM_S_ACCESS TZC_REGION_S_RD +#else #define ARM_TZC_NS_DRAM_S_ACCESS TZC_REGION_S_NONE +#endif /* ARM_CRYPTOCELL_INTEG */ #ifdef SPD_opteed /* @@ -310,7 +319,7 @@ BL_RO_DATA_END - BL_RO_DATA_BASE, \ MT_RO_DATA | EL3_PAS) #else -#define ARM_MAP_BL_RO MAP_REGION_FLAT( \ +#define ARM_MAP_BL_RO_NOT_USED MAP_REGION_FLAT( \ BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE, \ MT_CODE | EL3_PAS) #endif /* SEPARATE_CODE_AND_RODATA */ @@ -474,9 +483,9 @@ #define NEW_SRAM_ALLOCATION #ifdef NEW_SRAM_ALLOCATION - #define BL31_BASE 0x20001000 + #define BL31_BASE 0x02000000 #else - #define BL31_BASE 0x20001000 + #define BL31_BASE 0x02001000 #endif /* NEW_SRAM_ALLOCATION */ #define BL31_LIMIT BL2_BASE /* PLAT_ARM_MAX_BL31_SIZE */ @@ -502,6 +511,7 @@ * no SPD and no SPM-MM, as they are the only ones that can be used as BL32. */ #if defined(SPD_none) && !SPM_MM +#error BL32_BASE is not defined #undef BL32_BASE #endif /* SPD_none && !SPM_MM */ diff --git a/include/plat/nuvoton/common/plat_macros.S b/include/plat/nuvoton/common/plat_macros.S index 08f9feb71..549db395c 100644 --- a/include/plat/nuvoton/common/plat_macros.S +++ b/include/plat/nuvoton/common/plat_macros.S @@ -41,7 +41,8 @@ arm_print_gic_regs * BL31. */ .macro plat_crash_print_regs - /* TODO */ +plat_print_gic_regs +/*print_cci_regs*/ .endm #endif /* PLAT_MACROS_S */ diff --git a/plat/nuvoton/common/nuvoton_helpers.S b/plat/nuvoton/common/nuvoton_helpers.S index 09035a19b..9c7881583 100644 --- a/plat/nuvoton/common/nuvoton_helpers.S +++ b/plat/nuvoton/common/nuvoton_helpers.S @@ -151,9 +151,9 @@ func plat_wait_for_warm_boot */ bl plat_my_core_pos lsl x0, x0, #3 - mov x8, x0 mov_imm x2, PLAT_NPCM_TM_HOLD_BASE add x0, x0, x2 + mov x8, x0 mov_imm x2, PLAT_NPCM_TRUSTED_NOTIFICATION_BASE add x8, x8, x2 /* diff --git a/plat/nuvoton/npcm845x/npcm845x_bl31_setup.c b/plat/nuvoton/npcm845x/npcm845x_bl31_setup.c index 08448db6e..b8371d835 100644 --- a/plat/nuvoton/npcm845x/npcm845x_bl31_setup.c +++ b/plat/nuvoton/npcm845x/npcm845x_bl31_setup.c @@ -47,6 +47,20 @@ static entry_point_info_t bl33_image_ep_info; BL31_END - BL31_START, \ MT_MEMORY | MT_RW | EL3_PAS) +#if RECLAIM_INIT_CODE +IMPORT_SYM(unsigned long, __INIT_CODE_START__, BL_INIT_CODE_BASE); +IMPORT_SYM(unsigned long, __INIT_CODE_END__, BL_CODE_END_UNALIGNED); + +#define BL_INIT_CODE_END ((BL_CODE_END_UNALIGNED + PAGE_SIZE - 1) & \ + ~(PAGE_SIZE - 1)) + +#define MAP_BL_INIT_CODE MAP_REGION_FLAT( \ + BL_INIT_CODE_BASE, \ + BL_INIT_CODE_END - \ + BL_INIT_CODE_BASE, \ + MT_CODE | MT_SECURE) +#endif /* RECLAIM_INIT_CODE */ + #if SEPARATE_NOBITS_REGION #define MAP_BL31_NOBITS MAP_REGION_FLAT( \ BL31_NOBITS_BASE, \ @@ -117,6 +131,7 @@ unsigned int plat_get_syscnt_freq2(void) void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3) { + arg0 = arg1 = arg2 = arg3 = 0; #if RESET_TO_BL31 void *from_bl2 = (void *)arg0; void *plat_params_from_bl2 = (void *)arg3; @@ -309,26 +324,23 @@ void __init npcm845x_bl31_plat_arch_setup(void) { const mmap_region_t bl_regions[] = { MAP_BL31_TOTAL, -#if SEPARATE_NOBITS_REGION - MAP_BL31_NOBITS, -#endif /* SEPARATE_NOBITS_REGION */ +#if RECLAIM_INIT_CODE + MAP_BL_INIT_CODE_NOT_USED, +#endif /* RECLAIM_INIT_CODE */ ARM_MAP_BL_RO, -#if USE_ROMLIB - ARM_MAP_ROMLIB_CODE, - ARM_MAP_ROMLIB_DATA, -#endif /* USE_ROMLIB */ #if USE_COHERENT_MEM ARM_MAP_BL_COHERENT_RAM, #endif /* USE_COHERENT_MEM */ ARM_MAP_SHARED_RAM, #ifdef SECONDARY_BRINGUP - ARM_MAP_NS_DRAM1, + ARM_MAP_NS_DRAM1_NO_USED, #ifdef BL32_BASE - ARM_MAP_BL32_CORE_MEM + ARM_MAP_BL32_CORE_MEM_NO_USED #endif /* BL32_BASE */ #endif /* SECONDARY_BRINGUP */ {0} }; setup_page_tables(bl_regions, plat_arm_get_mmap()); enable_mmu_el3(0U); + NOTICE("Done enabling MMU\n"); } diff --git a/plat/nuvoton/npcm845x/platform.mk b/plat/nuvoton/npcm845x/platform.mk index 92c7e2fec..1959aacf4 100644 --- a/plat/nuvoton/npcm845x/platform.mk +++ b/plat/nuvoton/npcm845x/platform.mk @@ -12,6 +12,7 @@ RESET_TO_BL31 := 1 SPMD_SPM_AT_SEL2 := 0 #temporary until the RAM size is reduced USE_COHERENT_MEM := 1 +INIT_UNUSED_NS_EL2 := 1 $(eval $(call add_define,RESET_TO_BL31)) @@ -21,12 +22,29 @@ ifeq (${ARCH}, aarch64) # Trusted DRAM (if available) or the TZC secured area of DRAM. # TZC secured DRAM is the default. +ARM_TSP_RAM_LOCATION ?= dram + +ifeq (${ARM_TSP_RAM_LOCATION}, tsram) +ARM_TSP_RAM_LOCATION_ID = ARM_TRUSTED_SRAM_ID +else ifeq (${ARM_TSP_RAM_LOCATION}, tdram) +ARM_TSP_RAM_LOCATION_ID = ARM_TRUSTED_DRAM_ID +else ifeq (${ARM_TSP_RAM_LOCATION}, dram) +ARM_TSP_RAM_LOCATION_ID = ARM_DRAM_ID +else +$(error "Unsupported ARM_TSP_RAM_LOCATION value") +endif + +# Process flags # Process ARM_BL31_IN_DRAM flag ARM_BL31_IN_DRAM := 0 $(eval $(call assert_boolean,ARM_BL31_IN_DRAM)) $(eval $(call add_define,ARM_BL31_IN_DRAM)) +else +ARM_TSP_RAM_LOCATION_ID = ARM_TRUSTED_SRAM_ID endif +$(eval $(call add_define,ARM_TSP_RAM_LOCATION_ID)) + # For the original power-state parameter format, the State-ID can be encoded # according to the recommended encoding or zero. This flag determines which # State-ID encoding to be parsed. @@ -140,11 +158,25 @@ $(error For SEPARATE_NOBITS_REGION, RECLAIM_INIT_CODE cannot be supported) endif endif +# Disable ARM Cryptocell by default +ARM_CRYPTOCELL_INTEG := 0 +$(eval $(call assert_boolean,ARM_CRYPTOCELL_INTEG)) +$(eval $(call add_define,ARM_CRYPTOCELL_INTEG)) + # Enable PIE support for RESET_TO_BL31 case ifeq (${RESET_TO_BL31},1) ENABLE_PIE := 1 endif +# CryptoCell integration relies on coherent buffers for passing data from +# the AP CPU to the CryptoCell + +ifeq (${ARM_CRYPTOCELL_INTEG},1) +ifeq (${USE_COHERENT_MEM},0) +$(error "ARM_CRYPTOCELL_INTEG needs USE_COHERENT_MEM to be set.") +endif +endif + PLAT_INCLUDES := -Iinclude/plat/nuvoton/npcm845x \ -Iinclude/plat/nuvoton/common \ -Iinclude/drivers/nuvoton/npcm845x \ @@ -287,7 +319,8 @@ endif # Pointer Authentication sources ifeq (${ENABLE_PAUTH}, 1) -PLAT_BL_COMMON_SOURCES += plat/arm/common/aarch64/arm_pauth.c +PLAT_BL_COMMON_SOURCES += plat/arm/common/aarch64/arm_pauth.c \ + lib/extensions/pauth/pauth_helpers.S endif ifeq (${SPD},spmd) @@ -325,7 +358,11 @@ BL2_SOURCES += ${AUTH_SOURCES} \ $(eval $(call TOOL_ADD_IMG,ns_bl2u,--fwu,FWU_)) # We expect to locate the *.mk files under the directories specified below +ifeq (${ARM_CRYPTOCELL_INTEG},0) CRYPTO_LIB_MK := drivers/auth/mbedtls/mbedtls_crypto.mk +else +CRYPTO_LIB_MK := drivers/auth/cryptocell/cryptocell_crypto.mk +endif IMG_PARSER_LIB_MK := drivers/auth/mbedtls/mbedtls_x509.mk @@ -336,6 +373,12 @@ $(info Including ${IMG_PARSER_LIB_MK}) include ${IMG_PARSER_LIB_MK} endif +ifeq (${RECLAIM_INIT_CODE}, 1) +ifeq (${ARM_XLAT_TABLES_LIB_V1}, 1) +$(error "To reclaim init code xlat tables v2 must be used") +endif +endif + ifeq (${MEASURED_BOOT},1) MEASURED_BOOT_MK := drivers/measured_boot/measured_boot.mk $(info Including ${MEASURED_BOOT_MK}) @@ -352,3 +395,6 @@ BL2U_SOURCES := DEBUG_CONSOLE ?= 0 $(eval $(call add_define,DEBUG_CONSOLE)) + +$(eval $(call add_define,ARM_TSP_RAM_LOCATION_ID)) +