[PATCH v2 11/21] arm: socfpga: Secure register access for clock manager (SoC 64bits)

Simon Goldschmidt simon.k.r.goldschmidt at gmail.com
Mon Feb 24 10:16:31 CET 2020 

Ang, Chee Hong <chee.hong.ang at intel.com> schrieb am Mo., 24. Feb. 2020,
10:12:

>
>
>
>
> *From:* Ang, Chee Hong
> *Sent:* Saturday, February 22, 2020 6:00 PM
> *To:* Simon Goldschmidt <simon.k.r.goldschmidt at gmail.com>
> *Cc:* U-Boot Mailing List <u-boot at lists.denx.de>; Marek Vasut <
> marex at denx.de>; See, Chin Liang <chin.liang.see at intel.com>; Tan, Ley Foon
> <ley.foon.tan at intel.com>; Westergreen, Dalon <dalon.westergreen at intel.com>;
> Gong, Richard <richard.gong at intel.com>
> *Subject:* RE: [PATCH v2 11/21] arm: socfpga: Secure register access for
> clock manager (SoC 64bits)
>
>
>
> Ang, Chee Hong <chee.hong.ang at intel.com> schrieb am Sa., 22. Feb. 2020,
> 06:30:
>
> > From: Chee Hong Ang <chee.hong.ang at intel.com>
> >
> > Allow clock manager driver to access the System Manager's Boot Scratch
> > Register 0 in non-secure mode (EL2) on SoC 64bits platform.
> >
> > Signed-off-by: Chee Hong Ang <chee.hong.ang at intel.com>
> > ---
> >  arch/arm/mach-socfpga/clock_manager_agilex.c | 5 +++--
> >  arch/arm/mach-socfpga/clock_manager_s10.c    | 5 +++--
> >  2 files changed, 6 insertions(+), 4 deletions(-)
> >
> > diff --git a/arch/arm/mach-socfpga/clock_manager_agilex.c
> b/arch/arm/mach-
> > socfpga/clock_manager_agilex.c
> > index 4ee2b7b..e5a0998 100644
> > --- a/arch/arm/mach-socfpga/clock_manager_agilex.c
> > +++ b/arch/arm/mach-socfpga/clock_manager_agilex.c
> > @@ -12,6 +12,7 @@
> >  #include <asm/arch/system_manager.h>
> >  #include <asm/io.h>
> >  #include <dt-bindings/clock/agilex-clock.h>
> > +#include <asm/arch/secure_reg_helper.h>
> >
> >  DECLARE_GLOBAL_DATA_PTR;
> >
> > @@ -65,8 +66,8 @@ unsigned int cm_get_l4_sys_free_clk_hz(void)
> >
> >  u32 cm_get_qspi_controller_clk_hz(void)
> >  {
> > -     return readl(socfpga_get_sysmgr_addr() +
> > -                  SYSMGR_SOC64_BOOT_SCRATCH_COLD0);
> > +     return socfpga_secure_reg_read32(socfpga_get_sysmgr_addr() +
> > +
> > SYSMGR_SOC64_BOOT_SCRATCH_COLD0);
> >  }
> >
> >  void cm_print_clock_quick_summary(void)
> > diff --git a/arch/arm/mach-socfpga/clock_manager_s10.c b/arch/arm/mach-
> > socfpga/clock_manager_s10.c
> > index 05e4212..02578cc 100644
> > --- a/arch/arm/mach-socfpga/clock_manager_s10.c
> > +++ b/arch/arm/mach-socfpga/clock_manager_s10.c
> > @@ -9,6 +9,7 @@
> >  #include <asm/arch/clock_manager.h>
> >  #include <asm/arch/handoff_s10.h>
> >  #include <asm/arch/system_manager.h>
> > +#include <asm/arch/secure_reg_helper.h>
> >
> >  DECLARE_GLOBAL_DATA_PTR;
> >
> > @@ -385,8 +386,8 @@ unsigned int cm_get_l4_sp_clk_hz(void)
> >
> >  unsigned int cm_get_qspi_controller_clk_hz(void)
> >  {
> > -     return readl(socfpga_get_sysmgr_addr() +
> > -                  SYSMGR_SOC64_BOOT_SCRATCH_COLD0);
> > +     return socfpga_secure_reg_read32(socfpga_get_sysmgr_addr() +
> > +
> > SYSMGR_SOC64_BOOT_SCRATCH_COLD0);
> >  }
> >
> >  unsigned int cm_get_spi_controller_clk_hz(void)
> > --
> > 2.7.4
> >SPL reads the clock info from handoff table (OCRAM) and write
> >the clock info into the System Manager's boot scratch register.
> >U-Boot proper will read from the System Manager's boot scratch
> >register to get the clock info in case the handoff table (OCRAM)
> >is no longer available.
> >After some investigations, the handoff table in OCRAM should be preserved
> >for warm boot. In other words, this handoff table should be left
> untouched.
> >SPL and U-Boot should directly read the clock info from handoff table in
> OCRAM.
> >Therefore, U-Boot proper no longer need to read the clock info from
> >System Manager's boot scratch register (secure zone) from non-secure
> world (EL2).
>
>
>
> >I don't think that's a good idea: for security reasons, SPL memory should
> not be accessible from EL2 if it is required/used for the next reboot.
>
> >
>
> >Regards,
>
> >Simon
>
> Right. I think I will have to go for proper high-level API in ATF for EL2
> to query the clock frequency:
>
> INTEL_SIP_SMC_CLK_GET_QSPI
>
>
>
> I found out System Manager is read only in EL2 and read/write in EL3.
>
> Will drop this patch.
>
> No change required since it only read back from System Manager’s registers.
>

So reading these registers is allowed in EL2? I would have expected all
access is blocked? Is this specified somewhere, or will it be?

Regards,
Simon

>

More information about the U-Boot mailing list