From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
Date: Wed, 7 Oct 2020 13:52:39 +0200
Subject: [Uboot-stm32] [PATCH 0/7] arm: cache: cp15: don't map reserved
 region with no-map property
In-Reply-To: <190d019a-7e18-b4bc-9276-e14bbe4c2855@pengutronix.de>
References: <20201006163602.21687-1-patrick.delaunay@st.com>
 <CAMj1kXET8=ERg7gGqWa-FwLZzAuztBsVMhyTGmYEMAxzb63_sw@mail.gmail.com>
 <190d019a-7e18-b4bc-9276-e14bbe4c2855@pengutronix.de>
Message-ID: <258ba4fa-8d1e-56be-e0de-2d6c09812c13@pengutronix.de>
List-Id: <u-boot.lists.denx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

Hello,

On 10/7/20 1:23 PM, Ahmad Fatoum wrote:
> My findings[1] back then were that U-Boot did set the eXecute Never bit only on
> OMAP, but not for other platforms.  So I could imagine this being the root cause
> of Patrick's issues as well:

Rereading my own link, my memory is a little less fuzzy: eXecute Never was being
set, but was without effect due Manager mode being set in the DACR:

> The ARM Architecture Reference Manual notes[1]:
> > When using the Short-descriptor translation table format, the XN     
> > attribute is not checked for domains marked as Manager.
> > Therefore, the system must not include read-sensitive memory in
> > domains marked as Manager, because the XN bit does not prevent  
> > speculative fetches from a Manager domain.
 
> To avoid speculative access to read-sensitive memory-mapped peripherals
> on ARMv7, we'll need U-Boot to use client domain permissions, so the XN
> bit can function.
 
> This issue has come up before and was fixed in de63ac278
> ("ARM: mmu: Set domain permissions to client access") for OMAP2 only.
> It's equally applicable to all ARMv7-A platforms where caches are    
> enabled.
> [1]: B3.7.2 - Execute-never restrictions on instruction fetching

Hope this helps,
Ahmad

> The CPU is speculatively executing from the region that the firewalled DRAM
> is mapped at.
> 
> barebox now configures XN for non-RAM before it turns on the MMU. You should
> do that as well (in ARM arch code, not only for stm32mp1). Additionally,
> you will want to XN map the region where your OP-TEE sits at.
> 
> [1]: https://community.nxp.com/thread/511925
> 
> Cheers
> Ahmad
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |