[edk2] [PATCH] ArmPlatformPkg: configure TZC-400 in EL3 SEC so DRAM is writable by non-secure code

Cohen, Eugene Fri, 08 May 2015 16:18:12 -0700

This patch fixes a crash in PEI on the AArch64 FVP platform when using SEC for 
EL3.  The current SEC code is not performing initialization of the TZC-400 
TrustZone controller such that DRAM is not usable by PEI in EL2.  This is a 
minimal fix - long term a library abstraction for the TZC-400 would be more 
appropriate with a general library interface for configuring TZ address regions.



Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Eugene Cohen <eug...@hp.com>


---
.../ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h     |  3 +++
.../ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c | 14 +++++++++++++-
2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h 
b/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h
index 06414e6..67a36c5 100644
--- a/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h
+++ b/ArmPlatformPkg/ArmVExpressPkg/Include/Platform/RTSM/ArmPlatform.h
@@ -51,6 +51,9 @@
// This can be any value since we only support motherboard PL111
#define LCD_VRAM_CORE_TILE_BASE                 0x00000000
+// TZC-400 Address Space Controller
+#define ARM_VE_TZC400_BASE                      0x2a4a0000
+
// On-chip peripherals (Snoop Control Unit etc...)
#define ARM_VE_ON_CHIP_PERIPH_BASE              0x2C000000
// Note: The TRM says not all the peripherals are implemented
diff --git 
a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c 
b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c
index 9023715..cb6dca5 100644
--- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c
+++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/RTSMSec.c
@@ -41,7 +41,19 @@ ArmPlatformSecTrustzoneInit (
   IN  UINTN                     MpId
   )
{
-  // No TZPC or TZASC on RTSM to initialize
+  // Initialize TSC-400 to open all DRAM below 4G to nonsecure world
+
+  // configure security errors to be bus errors (data/prefetch aborts);
+  MmioWrite32(ARM_VE_TZC400_BASE + 0x004, 0x01);
+
+  // enable gate keepers for all four filter enables
+  MmioWrite32(ARM_VE_TZC400_BASE + 0x008, BIT3 | BIT2 | BIT1 | BIT0);
+
+  // enable secure reads and writes to region 0 - s_wr_en, s_rd_en
+  MmioOr32(ARM_VE_TZC400_BASE + 0x110, BIT31 | BIT30);
+
+  // enable all IDs to do non-secure read and writes
+  MmioWrite32(ARM_VE_TZC400_BASE + 0x114, 0xFFFFFFFF);
}
 /**
--
1.9.5.msysgit.0

0001-configure-TZC-400-in-EL3-SEC-so-DRAM-is-writable-by-.patch
Description: 0001-configure-TZC-400-in-EL3-SEC-so-DRAM-is-writable-by-.patch

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

[edk2] [PATCH] ArmPlatformPkg: configure TZC-400 in EL3 SEC so DRAM is writable by non-secure code

Reply via email to