From 12c5ae238ed1f6fcf2c29fa38d5ff77b15da12c9 Mon Sep 17 00:00:00 2001 From: oliviermartin Date: Tue, 27 Sep 2011 16:29:07 +0000 Subject: [PATCH] ArmPlatformPkg: Replaced 'ArmPlatformTrustzoneSupported' by the fixed Pcd gArmTokenSpaceGuid.PcdTrustzoneSupport This change does not make possible to disable Trustzone from the firmware. The firmware has to be built for Trustzone support enabled or disabled. The memory page table are now defined as 'Normal Memory' in any case. Except for RTSM Device Memory which as to be Secure Device Memory due to a RTSM bug. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12452 6f19259b-4bc3-4df7-8a09-765794883524 --- ArmPkg/ArmPkg.dec | 2 + .../ArmRealViewEbLibRTSM/ArmRealViewEb.c | 20 --------- .../ArmRealViewEbLibRTSM/ArmRealViewEbMem.c | 17 ++++---- .../ArmVExpressSecLib.inf | 2 + .../Library/ArmVExpressLibCTA9x4/CTA9x4.c | 25 +++-------- .../Library/ArmVExpressLibCTA9x4/CTA9x4Mem.c | 42 +++++-------------- .../Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c | 6 +++ .../Library/ArmVExpressLibRTSM/RTSM.c | 25 +++-------- .../Library/ArmVExpressLibRTSM/RTSMMem.c | 29 ++++--------- .../Include/Library/ArmPlatformLib.h | 16 ------- ArmPlatformPkg/Sec/Sec.c | 2 +- ArmPlatformPkg/Sec/Sec.inf | 1 + 12 files changed, 49 insertions(+), 138 deletions(-) diff --git a/ArmPkg/ArmPkg.dec b/ArmPkg/ArmPkg.dec index bc14660e36..710e215198 100644 --- a/ArmPkg/ArmPkg.dec +++ b/ArmPkg/ArmPkg.dec @@ -68,6 +68,8 @@ gArmTokenSpaceGuid.PcdEfiUncachedMemoryToStronglyOrdered|FALSE|BOOLEAN|0x00000025 [PcdsFixedAtBuild.common] + gArmTokenSpaceGuid.PcdTrustzoneSupport|FALSE|BOOLEAN|0x00000006 + # This PCD should be a FeaturePcd. But we used this PCD as an '#if' in an ASM file. # Using a FeaturePcd make a '(BOOLEAN) casting for its value which is not understood by the preprocessor. gArmTokenSpaceGuid.PcdVFPEnabled|0|UINT32|0x00000024 diff --git a/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEb.c b/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEb.c index 41c545bff6..ba90e19119 100644 --- a/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEb.c +++ b/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEb.c @@ -47,26 +47,6 @@ ARM_CORE_INFO mRealViewEbMpCoreInfoTable[] = { } }; -/** - Return if Trustzone is supported by your platform - - A non-zero value must be returned if you want to support a Secure World on your platform. - ArmPlatformTrustzoneInit() will later set up the secure regions. - This function can return 0 even if Trustzone is supported by your processor. In this case, - the platform will continue to run in Secure World. - - @return A non-zero value if Trustzone supported. - -**/ -UINTN -ArmPlatformTrustzoneSupported ( - VOID - ) -{ - // There is no Trustzone controllers (TZPC & TZASC) and no Secure Memory on RTSM - return FALSE; -} - /** Remap the memory at 0x0 diff --git a/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbMem.c b/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbMem.c index 5ca9510a7f..66b149c8e4 100644 --- a/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbMem.c +++ b/ArmPlatformPkg/ArmRealViewEbPkg/Library/ArmRealViewEbLibRTSM/ArmRealViewEbMem.c @@ -25,8 +25,6 @@ // DDR attributes #define DDR_ATTRIBUTES_CACHED ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK #define DDR_ATTRIBUTES_UNCACHED ARM_MEMORY_REGION_ATTRIBUTE_UNCACHED_UNBUFFERED -#define DDR_ATTRIBUTES_SECURE_CACHED ARM_MEMORY_REGION_ATTRIBUTE_SECURE_WRITE_BACK -#define DDR_ATTRIBUTES_SECURE_UNCACHED ARM_MEMORY_REGION_ATTRIBUTE_SECURE_UNCACHED_UNBUFFERED /** Return the Virtual Memory Map of your platform @@ -44,21 +42,20 @@ ArmPlatformGetVirtualMemoryMap ( ) { UINT32 CacheAttributes; - BOOLEAN bTrustzoneSupport = FALSE; UINTN Index = 0; ARM_MEMORY_REGION_DESCRIPTOR *VirtualMemoryTable; ASSERT(VirtualMemoryMap != NULL); - VirtualMemoryTable = (ARM_MEMORY_REGION_DESCRIPTOR*)AllocatePages(EFI_SIZE_TO_PAGES (sizeof(ARM_MEMORY_REGION_DESCRIPTOR) * MAX_VIRTUAL_MEMORY_MAP_DESCRIPTORS)); + VirtualMemoryTable = (ARM_MEMORY_REGION_DESCRIPTOR*)AllocatePages (EFI_SIZE_TO_PAGES (sizeof(ARM_MEMORY_REGION_DESCRIPTOR) * MAX_VIRTUAL_MEMORY_MAP_DESCRIPTORS)); if (VirtualMemoryTable == NULL) { return; } if (FeaturePcdGet(PcdCacheEnable) == TRUE) { - CacheAttributes = (bTrustzoneSupport ? DDR_ATTRIBUTES_CACHED : DDR_ATTRIBUTES_SECURE_CACHED); + CacheAttributes = DDR_ATTRIBUTES_CACHED; } else { - CacheAttributes = (bTrustzoneSupport ? DDR_ATTRIBUTES_UNCACHED : DDR_ATTRIBUTES_SECURE_UNCACHED); + CacheAttributes = DDR_ATTRIBUTES_UNCACHED; } // ReMap (Either NOR Flash or DRAM) @@ -77,13 +74,13 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[++Index].PhysicalBase = ARM_EB_SMB_MB_ON_CHIP_PERIPH_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_EB_SMB_MB_ON_CHIP_PERIPH_BASE; VirtualMemoryTable[Index].Length = ARM_EB_SMB_MB_ON_CHIP_PERIPH_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; // SMB CS0-CS1 - NOR Flash 1 & 2 VirtualMemoryTable[++Index].PhysicalBase = ARM_EB_SMB_NOR_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_EB_SMB_NOR_BASE; VirtualMemoryTable[Index].Length = ARM_EB_SMB_NOR_SZ + ARM_EB_SMB_DOC_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; // SMB CS2 - SRAM VirtualMemoryTable[++Index].PhysicalBase = ARM_EB_SMB_SRAM_BASE; @@ -95,14 +92,14 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[++Index].PhysicalBase = ARM_EB_SMB_PERIPH_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_EB_SMB_PERIPH_BASE; VirtualMemoryTable[Index].Length = ARM_EB_SMB_PERIPH_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; // If a Logic Tile is connected to The ARM Versatile Express Motherboard if (MmioRead32(ARM_EB_SYS_PROCID1_REG) != 0) { VirtualMemoryTable[++Index].PhysicalBase = ARM_EB_LOGIC_TILE_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_EB_LOGIC_TILE_BASE; VirtualMemoryTable[Index].Length = ARM_EB_LOGIC_TILE_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; ASSERT((Index + 1) == (MAX_VIRTUAL_MEMORY_MAP_DESCRIPTORS + 1)); } else { diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf index 6d6dd38999..9d9c237c29 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/ArmVExpressSecLib.inf @@ -49,4 +49,6 @@ gArmPlatformTokenSpaceGuid.PcdNorFlashRemapping [FixedPcd] + gArmTokenSpaceGuid.PcdTrustzoneSupport + gArmTokenSpaceGuid.PcdL2x0ControllerBase diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4.c index 2b6238bc76..67731ad4b4 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4.c @@ -105,25 +105,6 @@ PL341_DMC_CONFIG DDRTimings = { .ExtModeReg = DDR_EMR_RTT_50R | (DDR_EMR_ODS_VAL << DDR_EMR_ODS_MASK), }; -/** - Return if Trustzone is supported by your platform - - A non-zero value must be returned if you want to support a Secure World on your platform. - ArmVExpressTrustzoneInit() will later set up the secure regions. - This function can return 0 even if Trustzone is supported by your processor. In this case, - the platform will continue to run in Secure World. - - @return A non-zero value if Trustzone supported. - -**/ -UINTN -ArmPlatformTrustzoneSupported ( - VOID - ) -{ - return (MmioRead32(ARM_VE_SYS_CFGRW1_REG) & ARM_VE_CFGRW1_TZASC_EN_BIT_MASK); -} - /** Return the current Boot Mode @@ -137,7 +118,11 @@ ArmPlatformGetBootMode ( VOID ) { - return BOOT_WITH_FULL_CONFIGURATION; + if (MmioRead32(ARM_VE_SYS_FLAGS_NV_REG) == 0) { + return BOOT_WITH_FULL_CONFIGURATION; + } else { + return BOOT_ON_S2_RESUME; + } } /** diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Mem.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Mem.c index 7bfd679411..ef8fa4191a 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Mem.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Mem.c @@ -26,8 +26,6 @@ // DDR attributes #define DDR_ATTRIBUTES_CACHED ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK #define DDR_ATTRIBUTES_UNCACHED ARM_MEMORY_REGION_ATTRIBUTE_UNCACHED_UNBUFFERED -#define DDR_ATTRIBUTES_SECURE_CACHED ARM_MEMORY_REGION_ATTRIBUTE_SECURE_WRITE_BACK -#define DDR_ATTRIBUTES_SECURE_UNCACHED ARM_MEMORY_REGION_ATTRIBUTE_SECURE_UNCACHED_UNBUFFERED /** Return the Virtual Memory Map of your platform @@ -45,7 +43,6 @@ ArmPlatformGetVirtualMemoryMap ( ) { ARM_MEMORY_REGION_ATTRIBUTES CacheAttributes; - BOOLEAN bTrustzoneSupport; UINTN Index = 0; ARM_MEMORY_REGION_DESCRIPTOR *VirtualMemoryTable; @@ -56,34 +53,17 @@ ArmPlatformGetVirtualMemoryMap ( return; } - // Check if SMC TZASC is enabled. If Trustzone not enabled then all the entries remain in Secure World. - // As this value can be changed in the Board Configuration file, the UEFI firmware needs to work for both case - if (ArmPlatformTrustzoneSupported ()) { - bTrustzoneSupport = TRUE; - } else { - bTrustzoneSupport = FALSE; - } - if (FeaturePcdGet(PcdCacheEnable) == TRUE) { - CacheAttributes = (bTrustzoneSupport ? DDR_ATTRIBUTES_CACHED : DDR_ATTRIBUTES_SECURE_CACHED); + CacheAttributes = DDR_ATTRIBUTES_CACHED; } else { - CacheAttributes = (bTrustzoneSupport ? DDR_ATTRIBUTES_UNCACHED : DDR_ATTRIBUTES_SECURE_UNCACHED); + CacheAttributes = DDR_ATTRIBUTES_UNCACHED; } - // ReMap (Either NOR Flash or DRAM) - VirtualMemoryTable[Index].PhysicalBase = ARM_VE_REMAP_BASE; - VirtualMemoryTable[Index].VirtualBase = ARM_VE_REMAP_BASE; - VirtualMemoryTable[Index].Length = ARM_VE_REMAP_SZ; - - if (FeaturePcdGet(PcdNorFlashRemapping)) { - // Map the NOR Flash as Secure Memory - if (FeaturePcdGet(PcdCacheEnable) == TRUE) { - VirtualMemoryTable[Index].Attributes = DDR_ATTRIBUTES_SECURE_CACHED; - } else { - VirtualMemoryTable[Index].Attributes = DDR_ATTRIBUTES_SECURE_UNCACHED; - } - } else { - // DRAM mapping + if (FeaturePcdGet(PcdNorFlashRemapping) == FALSE) { + // ReMap (Either NOR Flash or DRAM) + VirtualMemoryTable[Index].PhysicalBase = ARM_VE_REMAP_BASE; + VirtualMemoryTable[Index].VirtualBase = ARM_VE_REMAP_BASE; + VirtualMemoryTable[Index].Length = ARM_VE_REMAP_SZ; VirtualMemoryTable[Index].Attributes = CacheAttributes; } @@ -97,13 +77,13 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_SMB_MB_ON_CHIP_PERIPH_BASE; VirtualMemoryTable[Index].Length = ARM_VE_SMB_MB_ON_CHIP_PERIPH_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_DEVICE; // SMB CS0-CS1 - NOR Flash 1 & 2 VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_NOR0_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_SMB_NOR0_BASE; VirtualMemoryTable[Index].Length = ARM_VE_SMB_NOR0_SZ + ARM_VE_SMB_NOR1_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_DEVICE; // SMB CS2 - SRAM VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_SRAM_BASE; @@ -115,14 +95,14 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_PERIPH_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_SMB_PERIPH_BASE; VirtualMemoryTable[Index].Length = ARM_VE_SMB_PERIPH_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_DEVICE; // If a Logic Tile is connected to The ARM Versatile Express Motherboard if (MmioRead32(ARM_VE_SYS_PROCID1_REG) != 0) { VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_EXT_AXI_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_EXT_AXI_BASE; VirtualMemoryTable[Index].Length = ARM_VE_EXT_AXI_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_DEVICE; ASSERT((Index + 1) == (MAX_VIRTUAL_MEMORY_MAP_DESCRIPTORS + 1)); } else { diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c index 46ca8eaac4..3641017e9c 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA9x4/CTA9x4Sec.c @@ -39,6 +39,12 @@ ArmPlatformTrustzoneInit ( // Setup TZ Protection Controller // + if (MmioRead32(ARM_VE_SYS_CFGRW1_REG) & ARM_VE_CFGRW1_TZASC_EN_BIT_MASK) { + ASSERT (PcdGetBool (PcdTrustzoneSupport) == TRUE); + } else { + ASSERT (PcdGetBool (PcdTrustzoneSupport) == FALSE); + } + // Set Non Secure access for all devices TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_0, 0xFFFFFFFF); TZPCSetDecProtBits(ARM_VE_TZPC_BASE, TZPC_DECPROT_1, 0xFFFFFFFF); diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSM.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSM.c index 54b2388c27..5741915b69 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSM.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSM.c @@ -23,6 +23,11 @@ #include +UINTN +ArmGetCpuCountPerCluster ( + VOID + ); + ARM_CORE_INFO mVersatileExpressMpCoreInfoTable[] = { { // Cluster 0, Core 0 @@ -66,26 +71,6 @@ ARM_CORE_INFO mVersatileExpressMpCoreInfoTable[] = { } }; -/** - Return if Trustzone is supported by your platform - - A non-zero value must be returned if you want to support a Secure World on your platform. - ArmVExpressTrustzoneInit() will later set up the secure regions. - This function can return 0 even if Trustzone is supported by your processor. In this case, - the platform will continue to run in Secure World. - - @return A non-zero value if Trustzone supported. - -**/ -UINTN -ArmPlatformTrustzoneSupported ( - VOID - ) -{ - // Not supported yet but model does have Secure SRAM (but no TZPC/TZASC) so we could support it - return FALSE; -} - /** Return the current Boot Mode diff --git a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMMem.c b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMMem.c index bb0ee84bb2..4537a71456 100644 --- a/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMMem.c +++ b/ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/RTSMMem.c @@ -25,8 +25,6 @@ // DDR attributes #define DDR_ATTRIBUTES_CACHED ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK #define DDR_ATTRIBUTES_UNCACHED ARM_MEMORY_REGION_ATTRIBUTE_UNCACHED_UNBUFFERED -#define DDR_ATTRIBUTES_SECURE_CACHED ARM_MEMORY_REGION_ATTRIBUTE_SECURE_WRITE_BACK -#define DDR_ATTRIBUTES_SECURE_UNCACHED ARM_MEMORY_REGION_ATTRIBUTE_SECURE_UNCACHED_UNBUFFERED /** Return the Virtual Memory Map of your platform @@ -44,7 +42,6 @@ ArmPlatformGetVirtualMemoryMap ( ) { ARM_MEMORY_REGION_ATTRIBUTES CacheAttributes; - BOOLEAN bTrustzoneSupport; UINTN Index = 0; ARM_MEMORY_REGION_DESCRIPTOR *VirtualMemoryTable; @@ -55,18 +52,10 @@ ArmPlatformGetVirtualMemoryMap ( return; } - // Check if SMC TZASC is enabled. If Trustzone not enabled then all the entries remain in Secure World. - // As this value can be changed in the Board Configuration file, the UEFI firmware needs to work for both case - if (ArmPlatformTrustzoneSupported ()) { - bTrustzoneSupport = TRUE; - } else { - bTrustzoneSupport = FALSE; - } - if (FeaturePcdGet(PcdCacheEnable) == TRUE) { - CacheAttributes = (bTrustzoneSupport ? DDR_ATTRIBUTES_CACHED : DDR_ATTRIBUTES_SECURE_CACHED); + CacheAttributes = DDR_ATTRIBUTES_CACHED; } else { - CacheAttributes = (bTrustzoneSupport ? DDR_ATTRIBUTES_UNCACHED : DDR_ATTRIBUTES_SECURE_UNCACHED); + CacheAttributes = DDR_ATTRIBUTES_UNCACHED; } // ReMap (Either NOR Flash or DRAM) @@ -74,12 +63,12 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[Index].VirtualBase = ARM_VE_REMAP_BASE; VirtualMemoryTable[Index].Length = ARM_VE_REMAP_SZ; - if (FeaturePcdGet(PcdNorFlashRemapping)) { + if (FeaturePcdGet(PcdNorFlashRemapping) == FALSE) { // Map the NOR Flash as Secure Memory if (FeaturePcdGet(PcdCacheEnable) == TRUE) { - VirtualMemoryTable[Index].Attributes = DDR_ATTRIBUTES_SECURE_CACHED; + VirtualMemoryTable[Index].Attributes = DDR_ATTRIBUTES_CACHED; } else { - VirtualMemoryTable[Index].Attributes = DDR_ATTRIBUTES_SECURE_UNCACHED; + VirtualMemoryTable[Index].Attributes = DDR_ATTRIBUTES_UNCACHED; } } else { // DRAM mapping @@ -96,13 +85,13 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_ON_CHIP_PERIPH_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_ON_CHIP_PERIPH_BASE; VirtualMemoryTable[Index].Length = ARM_VE_ON_CHIP_PERIPH_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; // SMB CS0-CS1 - NOR Flash 1 & 2 VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_NOR0_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_SMB_NOR0_BASE; VirtualMemoryTable[Index].Length = ARM_VE_SMB_NOR0_SZ + ARM_VE_SMB_NOR1_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; // SMB CS2 - SRAM VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_SRAM_BASE; @@ -114,7 +103,7 @@ ArmPlatformGetVirtualMemoryMap ( VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_SMB_PERIPH_BASE; VirtualMemoryTable[Index].VirtualBase = ARM_VE_SMB_PERIPH_BASE; VirtualMemoryTable[Index].Length = 2 * ARM_VE_SMB_PERIPH_SZ; - VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); + VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; //TODO:This should be enabled for final release. Right now, ARM VE RTSM crashes. // // If a Logic Tile is connected to The ARM Versatile Express Motherboard @@ -122,7 +111,7 @@ ArmPlatformGetVirtualMemoryMap ( // VirtualMemoryTable[++Index].PhysicalBase = ARM_VE_EXT_AXI_BASE; // VirtualMemoryTable[Index].VirtualBase = ARM_VE_EXT_AXI_BASE; // VirtualMemoryTable[Index].Length = ARM_VE_EXT_AXI_SZ; -// VirtualMemoryTable[Index].Attributes = (bTrustzoneSupport ? ARM_MEMORY_REGION_ATTRIBUTE_DEVICE : ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE); +// VirtualMemoryTable[Index].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_SECURE_DEVICE; // // ASSERT((Index + 1) == (MAX_VIRTUAL_MEMORY_MAP_DESCRIPTORS + 1)); // } else { diff --git a/ArmPlatformPkg/Include/Library/ArmPlatformLib.h b/ArmPlatformPkg/Include/Library/ArmPlatformLib.h index 864c2c7c92..4362760c73 100644 --- a/ArmPlatformPkg/Include/Library/ArmPlatformLib.h +++ b/ArmPlatformPkg/Include/Library/ArmPlatformLib.h @@ -143,22 +143,6 @@ ArmPlatformBootRemapping ( VOID ); -/** - Return if Trustzone is supported by your platform - - A non-zero value must be returned if you want to support a Secure World on your platform. - ArmPlatformTrustzoneInit() will later set up the secure regions. - This function can return 0 even if Trustzone is supported by your processor. In this case, - the platform will continue to run in Secure World. - - @return A non-zero value if Trustzone supported. - -**/ -UINTN -ArmPlatformTrustzoneSupported ( - VOID - ); - /** Initialize the Secure peripherals and memory regions diff --git a/ArmPlatformPkg/Sec/Sec.c b/ArmPlatformPkg/Sec/Sec.c index 5853dfba3e..241ad7cb16 100644 --- a/ArmPlatformPkg/Sec/Sec.c +++ b/ArmPlatformPkg/Sec/Sec.c @@ -103,7 +103,7 @@ CEntryPoint ( } // Test if Trustzone is supported on this platform - if (ArmPlatformTrustzoneSupported ()) { + if (FixedPcdGetBool (PcdTrustzoneSupport)) { // Ensure the Monitor Stack Base & Size have been set ASSERT(PcdGet32(PcdCPUCoresSecMonStackBase) != 0); ASSERT(PcdGet32(PcdCPUCoreSecMonStackSize) != 0); diff --git a/ArmPlatformPkg/Sec/Sec.inf b/ArmPlatformPkg/Sec/Sec.inf index 5079f29da5..9980c6b951 100644 --- a/ArmPlatformPkg/Sec/Sec.inf +++ b/ArmPlatformPkg/Sec/Sec.inf @@ -51,6 +51,7 @@ gArmPlatformTokenSpaceGuid.PcdSystemMemoryInitializeInSec [FixedPcd] + gArmTokenSpaceGuid.PcdTrustzoneSupport gArmTokenSpaceGuid.PcdVFPEnabled gArmTokenSpaceGuid.PcdArmPrimaryCoreMask -- 2.39.2