All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jerome Forissier <jerome@forissier.org>
To: u-boot@lists.denx.de
Subject: [Uboot-stm32] [PATCH 0/7] arm: cache: cp15: don't map reserved region with no-map property
Date: Thu, 29 Oct 2020 17:35:41 +0100	[thread overview]
Message-ID: <54533fa8-0e11-56de-90c2-d05817de738d@forissier.org> (raw)
In-Reply-To: <CAN5uoS-OEcfwMhLUvOYRoRSf1cpkdeBayS0yUC56_XPUxvHzrg@mail.gmail.com>



On 10/29/20 5:06 PM, Etienne Carriere wrote:
> On Thu, 29 Oct 2020 at 12:26, Ard Biesheuvel <ardb@kernel.org> wrote:
>> The point I made before was that secure and non-secure are two
>> disjoint address spaces. The fact that TZ firewalls exist where you
>> can move things from one side to the other does not imply that things
>> works like this in the general case.
>>
>> E.g., you could have
>>
>> secure DRAM at S 0x0
>> non-secure DRAM at NS 0x0
>>
>> where the ranges are backed by *different* memory. Since the DT
>> description does not include the S/NS distinction, only the address
>> range, the only thing we can assume when looking at memory@ and
>> /reserved-memory is that everything it describes is NS.
> 
> From Arm Trustzone stand point, both secure and non-secure worlds
> share the very same physical address space. I your example, physical
> address 0x0 would refer to the same DRAM cell. Whether this cell is secure
> or non-secure is a configuration set in the DRAM firmwall.

No, like Ard said it is a possibility but it doesn't have to be the
case. See the Armv8-A ARM (DDI 0487F.c) section D5.1.3 VMSA address
types and address spaces, "Physical address (PA)".

If we need to differentiate between non-secure and secure PA I suppose
we could use the status and secure-status properties in the memory
nodes, consistent with the usual usage described in [1].

As Etienne says, it seems that a majority of systems actually have a
single PA space with access control added on top, and by default the
secure state can access non-secure memory. That goes well with memory
nodes without a status nor a secure-status property, yet other
configurations can easily be supported.

[1]
https://www.kernel.org/doc/Documentation/devicetree/bindings/arm/secure.txt

-- 
Jerome

  parent reply	other threads:[~2020-10-29 16:35 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-06 16:35 [PATCH 0/7] arm: cache: cp15: don't map reserved region with no-map property Patrick Delaunay
2020-10-06 16:35 ` [PATCH 1/7] lmb: Add support of flags for no-map properties Patrick Delaunay
2020-10-06 16:35 ` [PATCH 2/7] lmb: add lmb_is_reserved_flags Patrick Delaunay
2020-10-06 16:35 ` [PATCH 3/7] lmb: remove lmb_region.size Patrick Delaunay
2020-10-06 16:35 ` [PATCH 4/7] lmb: add lmb_dump_region() function Patrick Delaunay
2020-10-06 16:36 ` [PATCH 5/7] test: lmb: add test for lmb_reserve_flags Patrick Delaunay
2020-10-06 16:36 ` [PATCH 6/7] image-fdt: save no-map parameter of reserve-memory Patrick Delaunay
2020-10-06 16:36 ` [PATCH 7/7] arm: cache: cp15: don't map the reserved region with no-map property Patrick Delaunay
2020-10-07 10:26 ` [PATCH 0/7] arm: cache: cp15: don't map " Ard Biesheuvel
2020-10-07 11:23   ` [Uboot-stm32] " Ahmad Fatoum
2020-10-07 11:52     ` Ahmad Fatoum
2020-10-07 13:15       ` Ard Biesheuvel
2020-10-07 14:55         ` Etienne Carriere
2020-10-07 15:07           ` Ard Biesheuvel
2020-10-07 15:13             ` Etienne Carriere
2020-10-09 17:00         ` Patrick DELAUNAY
2020-10-27 17:25           ` Tom Rini
2020-10-27 21:04             ` Ard Biesheuvel
2020-10-28 10:33               ` Patrick DELAUNAY
2020-10-29 10:40                 ` Etienne Carriere
2020-10-29 11:26                   ` Ard Biesheuvel
2020-10-29 16:06                     ` Etienne Carriere
2020-10-29 16:31                       ` Ard Biesheuvel
2020-10-29 16:35                       ` Jerome Forissier [this message]
2020-10-29 17:11                         ` Etienne Carriere
2020-10-09 15:52     ` Patrick DELAUNAY
2020-10-09 17:12       ` Ahmad Fatoum
2020-10-09 17:15         ` Ahmad Fatoum
2020-10-09 18:35         ` Ard Biesheuvel
2020-10-12  9:09         ` Etienne Carriere
2020-10-12  9:20           ` Ard Biesheuvel
2020-10-12  9:51             ` Etienne Carriere
2020-10-12 10:27               ` Ard Biesheuvel
2020-10-09 11:18   ` Patrick DELAUNAY
2020-10-09 12:26     ` Ard Biesheuvel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54533fa8-0e11-56de-90c2-d05817de738d@forissier.org \
    --to=jerome@forissier.org \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.