[PATCH v2 6/7] stm32mp: don't map the reserved region with no-map property
Patrick Delaunay
patrick.delaunay at foss.st.com
Mon Feb 8 14:26:54 CET 2021
No more map the reserved region with "no-map" property by marking
the corresponding TLB entries with invalid entry (=0) to avoid
speculative access.
This patch fixes an issue where predictive read access on secure DDR
OP-TEE reserved area are caught by firewall.
Signed-off-by: Patrick Delaunay <patrick.delaunay at foss.st.com>
---
Changes in v2:
- NEW: update in stm32mp specific MMU setup functions
arch/arm/mach-stm32mp/cpu.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c
index 030066dc7c..2e0d709fed 100644
--- a/arch/arm/mach-stm32mp/cpu.c
+++ b/arch/arm/mach-stm32mp/cpu.c
@@ -12,6 +12,7 @@
#include <env.h>
#include <init.h>
#include <log.h>
+#include <lmb.h>
#include <misc.h>
#include <net.h>
#include <asm/io.h>
@@ -220,6 +221,9 @@ void dram_bank_mmu_setup(int bank)
int i;
phys_addr_t start;
phys_size_t size;
+ struct lmb lmb;
+ bool use_lmb = false;
+ enum dcache_option option;
if (IS_ENABLED(CONFIG_SPL_BUILD)) {
start = ALIGN_DOWN(STM32_SYSRAM_BASE, MMU_SECTION_SIZE);
@@ -228,6 +232,10 @@ void dram_bank_mmu_setup(int bank)
/* bd->bi_dram is available only after relocation */
start = bd->bi_dram[bank].start;
size = bd->bi_dram[bank].size;
+ if (IS_ENABLED(CONFIG_LMB)) {
+ use_lmb = true;
+ lmb_init_and_reserve(&lmb, bd, (void *)gd->fdt_blob);
+ }
} else {
/* mark cacheable and executable the beggining of the DDR */
start = STM32_DDR_BASE;
@@ -236,8 +244,12 @@ void dram_bank_mmu_setup(int bank)
for (i = start >> MMU_SECTION_SHIFT;
i < (start >> MMU_SECTION_SHIFT) + (size >> MMU_SECTION_SHIFT);
- i++)
- set_section_dcache(i, DCACHE_DEFAULT_OPTION);
+ i++) {
+ option = DCACHE_DEFAULT_OPTION;
+ if (use_lmb && lmb_is_reserved_flags(&lmb, i << MMU_SECTION_SHIFT, LMB_NOMAP))
+ option = INVALID_ENTRY;
+ set_section_dcache(i, option);
+ }
}
/*
* initialize the MMU and activate cache in SPL or in U-Boot pre-reloc stage
--
2.17.1
More information about the U-Boot
mailing list