mirrors/meta-arm
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-01-12 03:10:15 +00:00
Code Issues Projects Releases Wiki Activity

arm-bsp/trusted-firmware-a: Reserve OP-TEE memory from NWd on N1SDP

Browse Source 
The physical memory which is used to run OP-TEE on the N1SDP is known
to the secure world via TOS_FW_CONFIG, but it may not be known to the
normal world.

As a precaution, explicitly reserve this memory via NT_FW_CONFIG to
prevent the normal world from using it. This is not required on most
platforms as the Trusted OS is run from secure RAM.

Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit is contained in:
Adam Johnston
2023-07-26 16:17:25 +01:00
committed by Jon Mason
parent 1a15a5b052
commit 10c355b9c7
2 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-Reserve-OP-TEE-memory-from-nwd.patch Normal file
View File

@@ -0,0 +1,41 @@
From 2d305094f8f500362079e9e7637d46129bf980e4 Mon Sep 17 00:00:00 2001
From: Adam Johnston <adam.johnston@arm.com>
Date: Tue, 25 Jul 2023 16:05:51 +0000
Subject: [PATCH] n1sdp: Reserve OP-TEE memory from NWd
The physical memory which is used to run OP-TEE on the N1SDP is known
to the secure world via TOS_FW_CONFIG, but it may not be known to the
normal world.
As a precaution, explicitly reserve this memory via NT_FW_CONFIG to
prevent the normal world from using it. This is not required on most
platforms as the Trusted OS is run from secure RAM.
Upstream-Status: Pending (not yet submited to upstream)
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
---
plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts b/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
index da5e04ddb6..b7e2d4e86f 100644
--- a/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
+++ b/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
@@ -20,4 +20,16 @@
local-ddr-size = <0x0>;
remote-ddr-size = <0x0>;
};
+
+ reserved-memory {
+ #address-cells = <2>;
+ #size-cells = <2>;
+ ranges;
+
+ optee@0x08000000 {
+ compatible = "removed-dma-pool";
+ reg = <0x0 0x08000000 0x0 0x02000000>;
+ no-map;
+ };
+ };
};
\ No newline at end of file

6
meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc
View File

@@ -9,6 +9,12 @@ TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/n1sdp:"
SRC_URI:append = " \
file://0001-Reserve-OP-TEE-memory-from-nwd.patch \
"
TFA_ROT_KEY= "plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
# Enabling Secure-EL1 Payload Dispatcher (SPD)