From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=6PMt=MA=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-17.5 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 704BAC07E96
	for <u-boot@archiver.kernel.org>; Thu,  8 Jul 2021 13:23:33 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 65D6A61481
	for <u-boot@archiver.kernel.org>; Thu,  8 Jul 2021 13:23:32 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 65D6A61481
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=foss.st.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 7A6AD83180;
	Thu,  8 Jul 2021 15:23:30 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="CirQzwIx";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id B1FDB83181; Thu,  8 Jul 2021 15:23:28 +0200 (CEST)
Received: from mx07-00178001.pphosted.com (mx08-00178001.pphosted.com
 [91.207.212.93])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 0C35B8314E
 for <u-boot@lists.denx.de>; Thu,  8 Jul 2021 15:23:25 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=foss.st.com
Authentication-Results: phobos.denx.de; spf=pass
 smtp.mailfrom=prvs=1823935de6=patrice.chotard@foss.st.com
Received: from pps.filterd (m0046661.ppops.net [127.0.0.1])
 by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id
 168DH8AK007647; Thu, 8 Jul 2021 15:23:23 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com;
 h=subject : to : cc :
 references : from : message-id : date : mime-version : in-reply-to :
 content-type : content-transfer-encoding; s=selector1;
 bh=FV8Huv8Yr8/XN2fMNQZfyYDWc7N8CZJlMKkn3nmNpg8=;
 b=CirQzwIxrXDgtPyDAxlT8+US4ngTZPWqFgRaCDkmp0BwX1+tSttft5NJUl/+WGhHKcvI
 OW7OO7TMxV6AJTZ3MmmZ0Eg51ea7CHZQ/LgLPzsMfCZ/cUf1K24A4hRIN8ThacVFkDz0
 G0PoDaEZEfM1Z2tjnmCZrgADPuQA7MCdhnz84Ek+rqlvzQHiVvFgOeMMjOAqTlgMCB0T
 OuINMGNJKYhdy7VVl+v65qHIYOHZCpusCOOhkqnz6n+JcmZjsfGLNavRMVky357rlJbr
 wrOUwkWhXw1e+wPkHyJfXDPi9Zy278Z6lOJdCPzjZuG2nXgPM2CfBrzmjDmIjXLPKiNQ kw== 
Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35])
 by mx07-00178001.pphosted.com with ESMTP id 39nwkf213q-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Thu, 08 Jul 2021 15:23:23 +0200
Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20])
 by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 0FB3510002A;
 Thu,  8 Jul 2021 15:23:23 +0200 (CEST)
Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6])
 by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 00F1E2238AE;
 Thu,  8 Jul 2021 15:23:23 +0200 (CEST)
Received: from lmecxl0573.lme.st.com (10.75.127.48) by SFHDAG2NODE3.st.com
 (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 8 Jul
 2021 15:23:22 +0200
Subject: Re: [PATCH v4 4/5] stm32mp1: spl: Configure TrustZone controller for
 OP-TEE
To: Alexandru Gagniuc <mr.nuke.me@gmail.com>, <u-boot@lists.denx.de>,
 <trini@konsulko.com>, <patrick.delaunay@foss.st.com>
CC: <sjg@chromium.org>, <etienne.carriere@linaro.org>
References: <20210531174314.1395666-1-mr.nuke.me@gmail.com>
 <20210531174314.1395666-5-mr.nuke.me@gmail.com>
From: Patrice CHOTARD <patrice.chotard@foss.st.com>
Message-ID: <acc45022-bea4-fae8-c221-d3ccbb385b1a@foss.st.com>
Date: Thu, 8 Jul 2021 15:23:22 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <20210531174314.1395666-5-mr.nuke.me@gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.75.127.48]
X-ClientProxiedBy: SFHDAG2NODE3.st.com (10.75.127.6) To SFHDAG2NODE3.st.com
 (10.75.127.6)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790
 definitions=2021-07-08_06:2021-07-08,
 2021-07-08 signatures=0
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

Hi Alexandru

Sorry for the delay, i just noticed that this patch didn't get reviewed neither by Patrick nor by me.
That's done ;-)


On 5/31/21 7:43 PM, Alexandru Gagniuc wrote:
> OP-TEE is very particular about how the TZC should be configured.
> When booting an OP-TEE payload, an incorrect TZC configuration will
> result in a panic.
> 
> Most information can be derived from the SPL devicetree. The only
> information we don't have is the split between TZDRAM and shared
> memory. This has to be hardcoded. The rest of the configuration is
> fairly easy, and only requires 3 TZC regions. Configure them.
> 
> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
> ---
>  arch/arm/mach-stm32mp/spl.c | 92 +++++++++++++++++++++++++++++++++++++
>  1 file changed, 92 insertions(+)
> 
> diff --git a/arch/arm/mach-stm32mp/spl.c b/arch/arm/mach-stm32mp/spl.c
> index b53659a698a..405eff68a3b 100644
> --- a/arch/arm/mach-stm32mp/spl.c
> +++ b/arch/arm/mach-stm32mp/spl.c
> @@ -11,11 +11,13 @@
>  #include <hang.h>
>  #include <init.h>
>  #include <log.h>
> +#include <ram.h>
>  #include <spl.h>
>  #include <asm/cache.h>
>  #include <asm/global_data.h>
>  #include <asm/io.h>
>  #include <asm/arch/sys_proto.h>
> +#include <mach/tzc.h>
>  #include <linux/libfdt.h>
>  
>  u32 spl_boot_device(void)
> @@ -92,6 +94,96 @@ __weak int board_early_init_f(void)
>  	return 0;
>  }
>  
> +uint32_t stm32mp_get_dram_size(void)
> +{
> +	struct ram_info ram;
> +	struct udevice *dev;
> +	int ret;
> +
> +	if (uclass_get_device(UCLASS_RAM, 0, &dev))
> +		return 0;
> +
> +	ret = ram_get_info(dev, &ram);
> +	if (ret)
> +		return 0;
> +
> +	return ram.size;
> +}
> +
> +static int optee_get_reserved_memory(uint32_t *start, uint32_t *size)
> +{
> +	phys_size_t fdt_mem_size;
> +	fdt_addr_t fdt_start;
> +	ofnode node;
> +
> +	node = ofnode_path("/reserved-memory/optee");
> +	if (!ofnode_valid(node))
> +		return 0;
> +
> +	fdt_start = ofnode_get_addr_size(node, "reg", &fdt_mem_size);
> +	*start = fdt_start;
> +	*size = fdt_mem_size;
> +	return (fdt_start < 0) ? fdt_start : 0;
> +}
> +
> +#define CFG_SHMEM_SIZE			0x200000
> +#define STM32_TZC_NSID_ALL		0xffff
> +#define STM32_TZC_FILTER_ALL		3
> +
> +void stm32_init_tzc_for_optee(void)
> +{
> +	const uint32_t dram_size = stm32mp_get_dram_size();
> +	const uintptr_t dram_top = STM32_DDR_BASE + (dram_size - 1);
> +	uint32_t optee_base, optee_size, tee_shmem_base;
> +	const uintptr_t tzc = STM32_TZC_BASE;
> +	int ret;
> +
> +	if (dram_size == 0)
> +		panic("Cannot determine DRAM size from devicetree\n");
> +
> +	ret = optee_get_reserved_memory(&optee_base, &optee_size);
> +	if (ret < 0 || optee_size <= CFG_SHMEM_SIZE)
> +		panic("Invalid OPTEE reserved memory in devicetree\n");
> +
> +	tee_shmem_base = optee_base + optee_size - CFG_SHMEM_SIZE;
> +
> +	const struct tzc_region optee_config[] = {
> +		{
> +			.base = STM32_DDR_BASE,
> +			.top = optee_base - 1,
> +			.sec_mode = TZC_ATTR_SEC_NONE,
> +			.nsec_id = STM32_TZC_NSID_ALL,
> +			.filters_mask = STM32_TZC_FILTER_ALL,
> +		}, {
> +			.base = optee_base,
> +			.top = tee_shmem_base - 1,
> +			.sec_mode = TZC_ATTR_SEC_RW,
> +			.nsec_id = 0,
> +			.filters_mask = STM32_TZC_FILTER_ALL,
> +		}, {
> +			.base = tee_shmem_base,
> +			.top = dram_top,
> +			.sec_mode = TZC_ATTR_SEC_NONE,
> +			.nsec_id = STM32_TZC_NSID_ALL,
> +			.filters_mask = STM32_TZC_FILTER_ALL,
> +		}, {
> +			.top = 0,
> +		}
> +	};
> +
> +	flush_dcache_all();
> +
> +	tzc_configure(tzc, optee_config);
> +	tzc_dump_config(tzc);
> +
> +	dcache_disable();
> +}
> +
> +void spl_board_prepare_for_optee(void *fdt)
> +{
> +	stm32_init_tzc_for_optee();
> +}
> +
>  void board_init_f(ulong dummy)
>  {
>  	struct udevice *dev;
> 

Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>

Thanks
Patrice