From f2199d95d931826be7f87af0935ac536812d0488 Mon Sep 17 00:00:00 2001 From: Harry Liebel Date: Tue, 1 Apr 2014 19:27:38 +0100 Subject: [PATCH] Enable secure memory support for FVPs - Use the TrustZone controller on Base FVP to program DRAM access permissions. By default no access to DRAM is allowed if 'secure memory' is enabled on the Base FVP. - The Foundation FVP does not have a TrustZone controller but instead has fixed access permissions. - Update FDTs for Linux to use timers at the correct security level. - Starting the FVPs with 'secure memory' disabled is also supported. Limitations: Virtio currently uses a reserved NSAID. This will be corrected in future FVP releases. Change-Id: I0b6c003a7b5982267815f62bcf6eb82aa4c50a31 --- fdts/fvp-base-gicv2-psci.dtb | Bin 9077 -> 9077 bytes fdts/fvp-base-gicv2-psci.dts | 8 +- fdts/fvp-base-gicv2legacy-psci.dtb | Bin 9077 -> 9077 bytes fdts/fvp-base-gicv2legacy-psci.dts | 8 +- fdts/fvp-base-gicv3-psci.dtb | Bin 9544 -> 9544 bytes fdts/fvp-base-gicv3-psci.dts | 8 +- fdts/fvp-foundation-gicv2-psci.dtb | Bin 6798 -> 6802 bytes fdts/fvp-foundation-gicv2-psci.dts | 10 +- fdts/fvp-foundation-gicv2legacy-psci.dtb | Bin 6798 -> 6802 bytes fdts/fvp-foundation-gicv2legacy-psci.dts | 10 +- fdts/fvp-foundation-gicv3-psci.dtb | Bin 7265 -> 7269 bytes fdts/fvp-foundation-gicv3-psci.dts | 10 +- plat/fvp/aarch64/plat_common.c | 2 + plat/fvp/bl2_plat_setup.c | 8 ++ plat/fvp/plat_security.c | 131 +++++++++++++++++++++++ plat/fvp/platform.h | 29 ++++- plat/fvp/platform.mk | 6 +- 17 files changed, 201 insertions(+), 29 deletions(-) create mode 100644 plat/fvp/plat_security.c diff --git a/fdts/fvp-base-gicv2-psci.dtb b/fdts/fvp-base-gicv2-psci.dtb index 5bfdcf1da5e6b0c0a7b5771a744a13eb08bc39ee..abdb9a0cd5ede8549fc3f315519f50b2dc46b166 100644 GIT binary patch delta 78 zcmezB_SJ2}U3N!f10Y}k0cId(0pia<%n0T40O`X(3<6R>43Y<_69D3FAZE~N-Ymxv GE)4+ay$Qeo delta 78 zcmezB_SJ2}U3Nz!10Y}k0cId(0piaf4iJF&JV1OH!~p_HAO^{U#07x38;BXSnl{UE Hgi8Ye=p_lf diff --git a/fdts/fvp-base-gicv2-psci.dts b/fdts/fvp-base-gicv2-psci.dts index 7924651e..7d089227 100644 --- a/fdts/fvp-base-gicv2-psci.dts +++ b/fdts/fvp-base-gicv2-psci.dts @@ -147,10 +147,10 @@ #address-cells = <2>; #size-cells = <2>; ranges; - frame@2a820000 { - frame-number = <0>; - interrupts = <0 25 4>; - reg = <0x0 0x2a820000 0x0 0x10000>; + frame@2a830000 { + frame-number = <1>; + interrupts = <0 26 4>; + reg = <0x0 0x2a830000 0x0 0x10000>; }; }; diff --git a/fdts/fvp-base-gicv2legacy-psci.dtb b/fdts/fvp-base-gicv2legacy-psci.dtb index db17e980623c34eea37249373decccb09daa2736..3fc6b3eeda052a44440b41956f3f4a3e6a5bd9a5 100644 GIT binary patch delta 78 zcmezB_SJ2}U3N!f10Y}k0cId(0pia<%n0T40O`X(3<6R>43Y<_69D3FAZE~N-Ymxv GE)4+ay$Qeo delta 78 zcmezB_SJ2}U3Nz!10Y}k0cId(0piaf4iJF&JV1OH!~p_HAO^{U#07x38;BXSnl{UE Hgi8Ye=p_lf diff --git a/fdts/fvp-base-gicv2legacy-psci.dts b/fdts/fvp-base-gicv2legacy-psci.dts index cfd50a70..f0952314 100644 --- a/fdts/fvp-base-gicv2legacy-psci.dts +++ b/fdts/fvp-base-gicv2legacy-psci.dts @@ -147,10 +147,10 @@ #address-cells = <2>; #size-cells = <2>; ranges; - frame@2a820000 { - frame-number = <0>; - interrupts = <0 25 4>; - reg = <0x0 0x2a820000 0x0 0x10000>; + frame@2a830000 { + frame-number = <1>; + interrupts = <0 26 4>; + reg = <0x0 0x2a830000 0x0 0x10000>; }; }; diff --git a/fdts/fvp-base-gicv3-psci.dtb b/fdts/fvp-base-gicv3-psci.dtb index 52f251b88d76668d967dfb1a07dc006e076dd366..1efa13680ff027754dcf3777ea7bfec6acbf3070 100644 GIT binary patch delta 78 zcmX@%b;4_dCx@f40T3{N05cG?FfcGO0cl1kp9e^v0%8!50%D*%Se*cn?gnB8t>(>L H9Q$Mdc-siZ delta 78 zcmX@%b;4_dCx@ev0T3{N05cG?FfcGOfq4)<50HHd%9n)5gVhND+1(&; #size-cells = <2>; ranges; - frame@2a820000 { - frame-number = <0>; - interrupts = <0 25 4>; - reg = <0x0 0x2a820000 0x0 0x10000>; + frame@2a830000 { + frame-number = <1>; + interrupts = <0 26 4>; + reg = <0x0 0x2a830000 0x0 0x10000>; }; }; diff --git a/fdts/fvp-foundation-gicv2-psci.dtb b/fdts/fvp-foundation-gicv2-psci.dtb index d982e8567dfc3068e49e75b073901cc6c739da6d..ca100889e1ebcf4b7d7ad8747de067f24fecf830 100644 GIT binary patch delta 124 zcmeA(on$I-f%o5A1_r4~3=9k&3=9$-69vQ>9VTk%3-bd-7~H}F6x{Ml^HLH^GV}8` zrhR91G&TSNkQ@Uu5VHXBXCP*T@_B&tVIT$pDIf;PgVYHCaW@b%XfS@*r^mAnpcY2Cb&ei`YI00|0ko6Gi|4 diff --git a/fdts/fvp-foundation-gicv2-psci.dts b/fdts/fvp-foundation-gicv2-psci.dts index c886f5dc..bf368a01 100644 --- a/fdts/fvp-foundation-gicv2-psci.dts +++ b/fdts/fvp-foundation-gicv2-psci.dts @@ -36,7 +36,7 @@ }; / { - model = "FVP Base"; + model = "FVP Foundation"; compatible = "arm,fvp-base", "arm,vexpress"; interrupt-parent = <&gic>; #address-cells = <2>; @@ -123,10 +123,10 @@ #address-cells = <2>; #size-cells = <2>; ranges; - frame@2a820000 { - frame-number = <0>; - interrupts = <0 25 4>; - reg = <0x0 0x2a820000 0x0 0x10000>; + frame@2a830000 { + frame-number = <1>; + interrupts = <0 26 4>; + reg = <0x0 0x2a830000 0x0 0x10000>; }; }; diff --git a/fdts/fvp-foundation-gicv2legacy-psci.dtb b/fdts/fvp-foundation-gicv2legacy-psci.dtb index 849e68ac47b98c9b42c2e56cc159a66c53e2d4e5..a602ff5ce512e766b70a60792212220a76db48e7 100644 GIT binary patch delta 124 zcmeA(on$I-f%o5A1_r4~3=9k&3=9$-69vQ>9VTk%3-bd-7~H}F6x{Ml^HLH^GV}8` zrhR91G&TSNkQ@Uu5VHXBXCP*T@_B&tVIT$pDIf;PgVYHCaW@b%XfS@*r^mAnpcY2Cb&ei`YI00|0ko6Gi|4 diff --git a/fdts/fvp-foundation-gicv2legacy-psci.dts b/fdts/fvp-foundation-gicv2legacy-psci.dts index b62ef2bf..63cef80c 100644 --- a/fdts/fvp-foundation-gicv2legacy-psci.dts +++ b/fdts/fvp-foundation-gicv2legacy-psci.dts @@ -36,7 +36,7 @@ }; / { - model = "FVP Base"; + model = "FVP Foundation"; compatible = "arm,fvp-base", "arm,vexpress"; interrupt-parent = <&gic>; #address-cells = <2>; @@ -123,10 +123,10 @@ #address-cells = <2>; #size-cells = <2>; ranges; - frame@2a820000 { - frame-number = <0>; - interrupts = <0 25 4>; - reg = <0x0 0x2a820000 0x0 0x10000>; + frame@2a830000 { + frame-number = <1>; + interrupts = <0 26 4>; + reg = <0x0 0x2a830000 0x0 0x10000>; }; }; diff --git a/fdts/fvp-foundation-gicv3-psci.dtb b/fdts/fvp-foundation-gicv3-psci.dtb index c6472e000fd0bdb6c7e39c3038e875ab8d037c2f..f64e42105ac9b3c9083462c1c09670cacc4c6e39 100644 GIT binary patch delta 133 zcmaE8@zg@#0`I@K3=A@<3=9k&3=C2}69vTCSb!XchRO9DG7~-dg!w@{x3B;OxBSw) zl*E$E{Jf26$!w0s20#FkV_*hipdLmhAk7Hn^8o2nKnwy>KnyYyq)q^cyMdTNt9dgQ Hd$=e78FdvD delta 120 zcmaEA@z6rx0`I@K3=A@f3=9k&3=C2p69vQ>876Az^K$}47~H}F6r2)^QyCaGW+k&Z t8W{iqNSuKgh*=mI7@5F42%iVYJ_Y4VLgc~f1c2;rkhoUUW; #address-cells = <2>; @@ -132,10 +132,10 @@ #address-cells = <2>; #size-cells = <2>; ranges; - frame@2a820000 { - frame-number = <0>; - interrupts = <0 25 4>; - reg = <0x0 0x2a820000 0x0 0x10000>; + frame@2a830000 { + frame-number = <1>; + interrupts = <0 26 4>; + reg = <0x0 0x2a830000 0x0 0x10000>; }; }; diff --git a/plat/fvp/aarch64/plat_common.c b/plat/fvp/aarch64/plat_common.c index 16645cb7..dd362f0d 100644 --- a/plat/fvp/aarch64/plat_common.c +++ b/plat/fvp/aarch64/plat_common.c @@ -220,6 +220,7 @@ int platform_config_setup(void) platform_config[CONFIG_CPU_SETUP] = 0; platform_config[CONFIG_BASE_MMAP] = 0; platform_config[CONFIG_HAS_CCI] = 0; + platform_config[CONFIG_HAS_TZC] = 0; break; case HBI_FVP_BASE: midr_pn = (read_midr() >> MIDR_PN_SHIFT) & MIDR_PN_MASK; @@ -232,6 +233,7 @@ int platform_config_setup(void) platform_config[CONFIG_MAX_AFF1] = 2; platform_config[CONFIG_BASE_MMAP] = 1; platform_config[CONFIG_HAS_CCI] = 1; + platform_config[CONFIG_HAS_TZC] = 1; break; default: assert(0); diff --git a/plat/fvp/bl2_plat_setup.c b/plat/fvp/bl2_plat_setup.c index 4d57ed56..da6a4858 100644 --- a/plat/fvp/bl2_plat_setup.c +++ b/plat/fvp/bl2_plat_setup.c @@ -122,6 +122,14 @@ void bl2_early_platform_setup(meminfo *mem_layout, ******************************************************************************/ void bl2_platform_setup() { + /* + * Do initial security configuration to allow DRAM/device access. On + * Base FVP only DRAM security is programmable (via TrustZone), but + * other platforms might have more programmable security devices + * present. + */ + plat_security_setup(); + /* Initialise the IO layer and register platform IO devices */ io_setup(); diff --git a/plat/fvp/plat_security.c b/plat/fvp/plat_security.c new file mode 100644 index 00000000..a60eca3d --- /dev/null +++ b/plat/fvp/plat_security.c @@ -0,0 +1,131 @@ +/* + * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of ARM nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific + * prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include "platform.h" +#include "tzc400.h" +#include "debug.h" + +/* Used to improve readability for configuring regions. */ +#define FILTER_SHIFT(filter) (1 << filter) + +/* + * For the moment we assume that all security programming is done by the + * primary core. + * TODO: + * Might want to enable interrupt on violations when supported? + */ +void plat_security_setup(void) +{ + struct tzc_instance controller; + + /* + * The Base FVP has a TrustZone address space controller, the Foundation + * FVP does not. Trying to program the device on the foundation FVP will + * cause an abort. + * + * If the platform had additional peripheral specific security + * configurations, those would be configured here. + */ + + if (!platform_get_cfgvar(CONFIG_HAS_TZC)) + return; + + /* + * The TrustZone controller controls access to main DRAM. Give + * full NS access for the moment to use with OS. + */ + INFO("Configuring TrustZone Controller\n"); + + /* + * The driver does some error checking and will assert. + * - Provide base address of device on platform. + * - Provide width of ACE-Lite IDs on platform. + */ + controller.base = TZC400_BASE; + controller.aid_width = FVP_AID_WIDTH; + tzc_init(&controller); + + /* + * Currently only filters 0 and 2 are connected on Base FVP. + * Filter 0 : CPU clusters (no access to DRAM by default) + * Filter 1 : not connected + * Filter 2 : LCDs (access to VRAM allowed by default) + * Filter 3 : not connected + * Programming unconnected filters will have no effect at the + * moment. These filter could, however, be connected in future. + * So care should be taken not to configure the unused filters. + */ + + /* Disable all filters before programming. */ + tzc_disable_filters(&controller); + + /* + * Allow full access to all DRAM to supported devices for the + * moment. Give access to the CPUs and Virtio. Some devices + * would normally use the default ID so allow that too. We use + * three different regions to cover the three separate blocks of + * memory in the FVPs. We allow secure access to DRAM to load NS + * software. + * FIXME: In current models Virtio uses a reserved ID. This is + * not correct and will be fixed. + */ + + /* Set to cover 2GB block of DRAM */ + tzc_configure_region(&controller, FILTER_SHIFT(0), 1, + DRAM_BASE, 0xFFFFFFFF, TZC_REGION_S_RDWR, + TZC_REGION_ACCESS_RDWR(FVP_NSAID_AP) | + TZC_REGION_ACCESS_RDWR(FVP_NSAID_DEFAULT) | + TZC_REGION_ACCESS_RDWR(FVP_NSAID_RES5)); + + /* Set to cover the 30GB block */ + tzc_configure_region(&controller, FILTER_SHIFT(0), 2, + 0x880000000, 0xFFFFFFFFF, TZC_REGION_S_RDWR, + TZC_REGION_ACCESS_RDWR(FVP_NSAID_AP) | + TZC_REGION_ACCESS_RDWR(FVP_NSAID_DEFAULT) | + TZC_REGION_ACCESS_RDWR(FVP_NSAID_RES5)); + + /* Set to cover 480GB block */ + tzc_configure_region(&controller, FILTER_SHIFT(0), 3, + 0x8800000000, 0xFFFFFFFFFF, TZC_REGION_S_RDWR, + TZC_REGION_ACCESS_RDWR(FVP_NSAID_AP) | + TZC_REGION_ACCESS_RDWR(FVP_NSAID_DEFAULT) | + TZC_REGION_ACCESS_RDWR(FVP_NSAID_RES5)); + + /* + * TODO: Interrupts are not currently supported. The only + * options we have are for access errors to occur quietly or to + * cause an exception. We choose to cause an exception. + */ + tzc_set_action(&controller, TZC_ACTION_ERR); + + /* Enable filters. */ + tzc_enable_filters(&controller); +} diff --git a/plat/fvp/platform.h b/plat/fvp/platform.h index c5943576..01b995b8 100644 --- a/plat/fvp/platform.h +++ b/plat/fvp/platform.h @@ -99,7 +99,8 @@ #define CONFIG_BASE_MMAP 7 /* Indicates whether CCI should be enabled on the platform. */ #define CONFIG_HAS_CCI 8 -#define CONFIG_LIMIT 9 +#define CONFIG_HAS_TZC 9 +#define CONFIG_LIMIT 10 /******************************************************************************* * Platform memory map related constants @@ -303,6 +304,28 @@ #define PL011_UART3_BASE 0x1c0c0000 #define PL011_BASE PL011_UART0_BASE + +/******************************************************************************* + * TrustZone address space controller related constants + ******************************************************************************/ +#define TZC400_BASE 0x2a4a0000 + +/* + * The NSAIDs for this platform as used to program the TZC400. + * TODO: + * This list and the numbers in it is still changing on the Base FVP. + * For now only specify the NSAIDs we actually use. + */ + +/* The FVP has 4 bits of NSAIDs. Used with TZC FAIL_ID (ACE Lite ID width) */ +#define FVP_AID_WIDTH 4 +#define FVP_NSAID_DEFAULT 0 +#define FVP_NSAID_AP 9 /* Application Processors */ + +/* FIXME: Currently incorrectly used by Virtio */ +#define FVP_NSAID_RES5 15 + + /******************************************************************************* * Declarations and constants to access the mailboxes safely. Each mailbox is * aligned on the biggest cache line size in the platform. This is known only @@ -374,6 +397,10 @@ extern void io_setup(void); extern int plat_get_image_source(const char *image_name, io_dev_handle *dev_handle, void **image_spec); +/* Declarations for plat_security.c */ +extern void plat_security_setup(void); + + #endif /*__ASSEMBLY__*/ #endif /* __PLATFORM_H__ */ diff --git a/plat/fvp/platform.mk b/plat/fvp/platform.mk index 36090f20..0fc45de6 100644 --- a/plat/fvp/platform.mk +++ b/plat/fvp/platform.mk @@ -29,6 +29,7 @@ # PLAT_INCLUDES := -Idrivers/arm/interconnect/cci-400 \ + -Idrivers/arm/interconnect/tzc-400 \ -Idrivers/console \ -Idrivers/arm/peripherals/pl011 \ -Idrivers/power @@ -43,6 +44,7 @@ PLAT_BL1_C_VPATH := drivers/arm/interconnect/cci-400 \ PLAT_BL1_S_VPATH := lib/semihosting/${ARCH} PLAT_BL2_C_VPATH := drivers/arm/interconnect/cci-400 \ + drivers/arm/interconnect/tzc-400 \ drivers/arm/peripherals/pl011 \ lib/arch/${ARCH} \ lib/stdlib \ @@ -82,7 +84,9 @@ BL1_SOURCES += bl1_plat_setup.c \ BL2_SOURCES += bl2_plat_setup.c \ platform_up_stack.S \ - plat_common.c + plat_common.c \ + plat_security.c \ + tzc400.c BL31_SOURCES += bl31_plat_setup.c \ plat_helpers.S \ -- 2.30.2