This patch fixes a crash in PEI on the AArch64 FVP platform when using SEC for EL3. The current SEC code is not performing initialization of the TZC-400 TrustZone controller such that DRAM is not usable by PEI in EL2. This is a minimal fix - long term a library abstraction for the TZC-400 would be more appropriate with a general library interface for configuring TZ address regions.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen <eug...@hp.com> --- .../ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h | 3 +++ .../ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c | 14 +++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h b/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h index 06414e6..67a36c5 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h +++ b/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h @@ -51,6 +51,9 @@ // This can be any value since we only support motherboard PL111 #define LCD_VRAM_CORE_TILE_BASE 0x00000000 +// TZC-400 Address Space Controller +#define ARM_VE_TZC400_BASE 0x2a4a0000 + // On-chip peripherals (Snoop Control Unit etc...) #define ARM_VE_ON_CHIP_PERIPH_BASE 0x2C000000 // Note: The TRM says not all the peripherals are implemented diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c index 9023715..cb6dca5 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c @@ -41,7 +41,19 @@ ArmPlatformSecTrustzoneInit ( IN UINTN MpId ) { - // No TZPC or TZASC on RTSM to initialize + // Initialize TSC-400 to open all DRAM below 4G to nonsecure world + + // configure security errors to be bus errors (data/prefetch aborts); + MmioWrite32(ARM_VE_TZC400_BASE + 0x004, 0x01); + + // enable gate keepers for all four filter enables + MmioWrite32(ARM_VE_TZC400_BASE + 0x008, BIT3 | BIT2 | BIT1 | BIT0); + + // enable secure reads and writes to region 0 - s_wr_en, s_rd_en + MmioOr32(ARM_VE_TZC400_BASE + 0x110, BIT31 | BIT30); + + // enable all IDs to do non-secure read and writes + MmioWrite32(ARM_VE_TZC400_BASE + 0x114, 0xFFFFFFFF); } /** -- 1.9.5.msysgit.0
0001-configure-TZC-400-in-EL3-SEC-so-DRAM-is-writable-by-.patch
Description: 0001-configure-TZC-400-in-EL3-SEC-so-DRAM-is-writable-by-.patch
------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel