diff options
| author | Ye Li <ye.li@nxp.com> | 2018-12-26 04:59:56 -0800 |
|---|---|---|
| committer | Anson Huang <Anson.Huang@nxp.com> | 2019-12-13 10:45:50 +0800 |
| commit | fdd8c22694528c072b0b06c0bb53d2d7c94d55f2 (patch) | |
| tree | 12a04ff7c28c59ba16f8120d44d270a6cfb6143d | |
| parent | b4b5674df40e281483702c1795cd2912fd437670 (diff) | |
imx8qm/qxp: Protect the lower 96K ocram used for SPL
Because the partition reboot won't reload the first level bootloader (SPL),
the SPL won't be authenticated. Users can corrupt the SPL image to break
the boot trust chain in secure boot if we don't protect that OCRAM area.
This patch configures the memory area from 0x0 to 0x118000 only accessed by
secure partition (ATF and OPTEE). Non-secure partitions (u-boot and kernel)
can't access it.
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 1eff7d3ef6f121782e56bb1807744ede48b8580b)
(cherry picked from commit 96d33120bb57895db73e669ef0aeccde0d4875d5)
| -rw-r--r-- | plat/imx/imx8qm/imx8qm_bl31_setup.c | 29 | ||||
| -rw-r--r-- | plat/imx/imx8qm/include/platform_def.h | 3 | ||||
| -rw-r--r-- | plat/imx/imx8qx/imx8qx_bl31_setup.c | 29 | ||||
| -rw-r--r-- | plat/imx/imx8qx/include/platform_def.h | 3 |
4 files changed, 58 insertions, 6 deletions
diff --git a/plat/imx/imx8qm/imx8qm_bl31_setup.c b/plat/imx/imx8qm/imx8qm_bl31_setup.c index b7732fb7..4940f351 100644 --- a/plat/imx/imx8qm/imx8qm_bl31_setup.c +++ b/plat/imx/imx8qm/imx8qm_bl31_setup.c @@ -160,8 +160,8 @@ static int lpuart32_serial_init(unsigned int base) void mx8_partition_resources(void) { sc_rm_pt_t secure_part, os_part; - sc_rm_mr_t mr, mr_record = 64; - sc_faddr_t start, end; + sc_rm_mr_t mr, mr_record = 64, mr_ocram = 64; + sc_faddr_t start, end, reg_end; bool owned, owned2; sc_err_t err; int i; @@ -197,7 +197,11 @@ void mx8_partition_resources(void) NOTICE("Memreg %u 0x%llx -- 0x%llx\n", mr, start, end); if (BL31_BASE >= start && (BL31_LIMIT - 1) <= end) { mr_record = mr; /* Record the mr for ATF running */ - } else { + } + else if (0 >= start && (OCRAM_BASE + OCRAM_ALIAS_SIZE - 1) <= end) { + mr_ocram = mr; + } + else { err = sc_rm_assign_memreg(ipc_handle, os_part, mr); if (err) ERROR("Memreg assign failed, 0x%llx -- 0x%llx, \ @@ -233,6 +237,25 @@ void mx8_partition_resources(void) } } + if (mr_ocram != 64) { + err = sc_rm_get_memreg_info(ipc_handle, mr_ocram, &start, &end); + reg_end = end; + if (err) { + ERROR("Memreg get info failed, %u\n", mr_ocram); + } else { + if ((OCRAM_BASE + OCRAM_ALIAS_SIZE - 1) < end) { + err = sc_rm_memreg_alloc(ipc_handle, &mr, OCRAM_BASE + OCRAM_ALIAS_SIZE, reg_end); + if (err) { + ERROR("sc_rm_memreg_alloc failed, 0x%llx -- 0x%llx\n", (sc_faddr_t)OCRAM_BASE + OCRAM_ALIAS_SIZE, reg_end); + } else { + err = sc_rm_assign_memreg(ipc_handle, os_part, mr); + if (err) + ERROR("Memreg assign failed, 0x%llx -- 0x%llx\n", (sc_faddr_t)OCRAM_BASE + OCRAM_ALIAS_SIZE, reg_end); + } + } + } + } + owned = sc_rm_is_resource_owned(ipc_handle, SC_R_M4_0_PID0); if (owned) { err = sc_rm_set_resource_movable(ipc_handle, SC_R_M4_0_PID0, diff --git a/plat/imx/imx8qm/include/platform_def.h b/plat/imx/imx8qm/include/platform_def.h index 9da04890..4b02a3f8 100644 --- a/plat/imx/imx8qm/include/platform_def.h +++ b/plat/imx/imx8qm/include/platform_def.h @@ -40,6 +40,9 @@ #define BL31_BASE 0x80000000 #define BL31_LIMIT 0x80020000 +#define OCRAM_BASE 0x100000 +#define OCRAM_ALIAS_SIZE 0x18000 /* The lower 96KB is in OCRAM alias from 0x0 */ + #define PLAT_GICD_BASE 0x51a00000 #define PLAT_GICR_BASE 0x51b00000 #define PLAT_CCI_BASE 0x52090000 diff --git a/plat/imx/imx8qx/imx8qx_bl31_setup.c b/plat/imx/imx8qx/imx8qx_bl31_setup.c index 73920b75..83d11fc9 100644 --- a/plat/imx/imx8qx/imx8qx_bl31_setup.c +++ b/plat/imx/imx8qx/imx8qx_bl31_setup.c @@ -155,8 +155,8 @@ static int lpuart32_serial_init(unsigned int base) void imx8_partition_resources(void) { sc_rm_pt_t secure_part, os_part; - sc_rm_mr_t mr, mr_record = 64; - sc_faddr_t start, end; + sc_rm_mr_t mr, mr_record = 64, mr_ocram = 64; + sc_faddr_t start, end, reg_end; sc_err_t err; bool owned; int i; @@ -198,7 +198,11 @@ void imx8_partition_resources(void) NOTICE("Memreg %u 0x%llx -- 0x%llx\n", mr, start, end); if (BL31_BASE >= start && (BL31_LIMIT - 1) <= end) { mr_record = mr; /* Record the mr for ATF running */ - } else { + } + else if (0 >= start && (OCRAM_BASE + OCRAM_ALIAS_SIZE - 1) <= end) { + mr_ocram = mr; + } + else { err = sc_rm_assign_memreg(ipc_handle, os_part, mr); if (err) ERROR("Memreg assign failed, 0x%llx -- 0x%llx, \ @@ -234,6 +238,25 @@ void imx8_partition_resources(void) } } + if (mr_ocram != 64) { + err = sc_rm_get_memreg_info(ipc_handle, mr_ocram, &start, &end); + reg_end = end; + if (err) { + ERROR("Memreg get info failed, %u\n", mr_ocram); + } else { + if ((OCRAM_BASE + OCRAM_ALIAS_SIZE - 1) < end) { + err = sc_rm_memreg_alloc(ipc_handle, &mr, OCRAM_BASE + OCRAM_ALIAS_SIZE, reg_end); + if (err) { + ERROR("sc_rm_memreg_alloc failed, 0x%llx -- 0x%llx\n", (sc_faddr_t)OCRAM_BASE + OCRAM_ALIAS_SIZE, reg_end); + } else { + err = sc_rm_assign_memreg(ipc_handle, os_part, mr); + if (err) + ERROR("Memreg assign failed, 0x%llx -- 0x%llx\n", (sc_faddr_t)OCRAM_BASE + OCRAM_ALIAS_SIZE, reg_end); + } + } + } + } + owned = sc_rm_is_resource_owned(ipc_handle, SC_R_M4_0_PID0); if (owned) { err = sc_rm_set_resource_movable(ipc_handle, SC_R_M4_0_PID0, diff --git a/plat/imx/imx8qx/include/platform_def.h b/plat/imx/imx8qx/include/platform_def.h index 40f01464..6e9d13c5 100644 --- a/plat/imx/imx8qx/include/platform_def.h +++ b/plat/imx/imx8qx/include/platform_def.h @@ -35,6 +35,9 @@ #define BL31_BASE 0x80000000 #define BL31_LIMIT 0x80020000 +#define OCRAM_BASE 0x100000 +#define OCRAM_ALIAS_SIZE 0x18000 /* The lower 96KB is in OCRAM alias from 0x0 */ + #define PLAT_VIRT_ADDR_SPACE_SIZE (1ull << 32) #define PLAT_PHY_ADDR_SPACE_SIZE (1ull << 32) |