Message ID | 20180223132858.26248-1-ard.biesheuvel@linaro.org |
---|---|
State | New |
Headers | show |
Series | [edk2,RFC,edk2-non-osi] Platform/DeveloperBox: add prebuilt binary containing stage 2 page tables | expand |
On Fri, Feb 23, 2018 at 01:28:58PM +0000, Ard Biesheuvel wrote: > Now that the secure firmware image BL31 has been moved back into secure > memory where it belongs, we can no longer keep the stage2 translation > tables in the same image, given that EL2 is non-secure. > > So instead, let's put those tables in the NOR flash, at the end of the > ARM-TF region. This is difficult to integrate into the build sequence > of either ARM-TF or UEFI, so let's just generate the binary and put it > at the correct offset using the .fdf description of the platform. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> > --- > I am not sure where to put this and how to integrate this into the build, > hence the RFC. Would it be feasible to generate this as part of the build (and hence make it possible to keep the source in edk2-platforms)? Feels like it could come in handy. There is already a [Nasm-to-Binary-Code-File] rule in build_rule.template, so I'd say there's precedent. > Platform/Socionext/DeveloperBox/README | 2 + > Platform/Socionext/DeveloperBox/stage2_tables.S | 95 ++++++++++++++++++++ > Platform/Socionext/DeveloperBox/stage2_tables.bin | Bin 0 -> 20480 bytes > 3 files changed, 97 insertions(+) > > diff --git a/Platform/Socionext/DeveloperBox/README b/Platform/Socionext/DeveloperBox/README > index 8f079011e153..5728bf0ef88a 100644 > --- a/Platform/Socionext/DeveloperBox/README > +++ b/Platform/Socionext/DeveloperBox/README > @@ -6,3 +6,5 @@ fip_all_arm_tf.bin - prebuilt ARM Trusted Firmware RELEASE binary > Repo: https://git.linaro.org/leg/noupstream/arm-trusted-firmware.git > Commit: cd3de9253d90f5ab6eed046fb7bb9f4e9f87ae5a > > +stage2_tables.bin - prebuilt stage 2 translation tables > +Built from stage2_tables.S in the same directory If not possible to integrate in build, add the exact command line used to generate file (and preferably toolchain version)? / Leif > diff --git a/Platform/Socionext/DeveloperBox/stage2_tables.S b/Platform/Socionext/DeveloperBox/stage2_tables.S > new file mode 100644 > index 000000000000..44da21e7e467 > --- /dev/null > +++ b/Platform/Socionext/DeveloperBox/stage2_tables.S > @@ -0,0 +1,95 @@ > +/** @file > + Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR> > + > + This program and the accompanying materials are licensed and made available > + under the terms and conditions of the BSD License which accompanies this > + distribution. The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > +**/ > + > +/* > + * This file contains the assembler code to instantiate a set of stage 2 > + * translation tables that make the ECAM space of the Synopsys DesignWare > + * PCIe root complexes appear sane to the OS. > + * - ECAM 'shadows' caused by non TLP filtering root ports are eliminated > + * - MMIO region are mapped with device attributes that supersede write combine > + attributes that the OS may attempt to use, and which is not supported by > + the SoC. > + * > + * Build using: > + * > + * gcc -o stage2_tables.elf stage2_tables.S \ > + * -Wl,-e,0x81f8000 -Wl,--section-start=.rodata=0x81f8000 -nostdlib > + * > + * objcopy -O binary -j .rodata stage2_tables.elf stage2_tables.bin > + */ > + > +#define TT_S2_CONT_SHIFT 52 > +#define TT_S2_AF (0x1 << 10) > +#define TT_S2_SH_NON_SHAREABLE (0x0 << 8) > +#define TT_S2_AP_RW (0x3 << 6) > +#define TT_S2_MEMATTR_DEVICE_nGRE (0x2 << 2) > +#define TT_S2_MEMATTR_MEMORY_WB (0xf << 2) > +#define TT_S2_TABLE (0x3 << 0) > +#define TT_S2_L3_PAGE (0x1 << 1) > +#define TT_S2_VALID (0x1 << 0) > + > + .altmacro > + .macro for, start, count, do, arg2, arg3, arg4 > + .if \count == 1 > + \do \start, \arg2, \arg3, \arg4 > + .elseif \count > 1 > + for \start, %(\count / 2), \do, \arg2, \arg3, \arg4 > + for %(\start + \count / 2), %((\count + 1) / 2), \do, \arg2, \arg3, \arg4 > + .endif > + .endm > + > + .macro s2_dev_entry, base, shift=30, offset=0, cont=0 > + .quad ((\base << \shift) + \offset) | TT_S2_AF | TT_S2_AP_RW | \ > + TT_S2_SH_NON_SHAREABLE | TT_S2_MEMATTR_DEVICE_nGRE | \ > + TT_S2_VALID | (\cont << TT_S2_CONT_SHIFT) > + .endm > + > + .macro s2_mem_entry, base, shift=30, offset=0, cont=0 > + .quad ((\base << \shift) + \offset) | TT_S2_AF | TT_S2_AP_RW | \ > + TT_S2_SH_NON_SHAREABLE | TT_S2_MEMATTR_MEMORY_WB | \ > + TT_S2_VALID | (\cont << TT_S2_CONT_SHIFT) > + .endm > + > + .macro s2_l3_entry, base, offset=0, cont=0 > + .quad ((\base << 12) + \offset) | TT_S2_AF | TT_S2_AP_RW | \ > + TT_S2_SH_NON_SHAREABLE | TT_S2_MEMATTR_MEMORY_WB | \ > + TT_S2_L3_PAGE | TT_S2_VALID | (\cont << TT_S2_CONT_SHIFT) > + .endm > + > + .section ".rodata", "a", %progbits > + /* level 1 */ > + s2_mem_entry 0 /* 0x0000_0000 - 0x3fff_ffff */ > + .quad 1f + TT_S2_TABLE /* 0x4000_0000 - 0x7fff_ffff */ > + for 2, 246, s2_mem_entry /* 0x8000_0000 - 0x3d_ffff_ffff */ > + for 248, 8, s2_dev_entry /* PCIe MMIO64 */ > + for 256, 768, s2_mem_entry /* 0x40_0000_0000 - 0xff_ffff_ffff */ > + > + /* level 2 */ > +1: for 0, 256, s2_mem_entry, 21, 0x40000000, 1 > + > + .quad 2f + TT_S2_TABLE /* 0x6000_0000 -> RC #0 bus 0 */ > + for 1, 15, s2_mem_entry, 21, 0x60000000 > + for 0, 48, s2_mem_entry, 21, 0x62000000, 1 > + for 0, 64, s2_dev_entry, 21, 0x68000000, 1 /* PCIe MMIO32 */ > + > + .quad 3f + TT_S2_TABLE /* 0x7000_0000 -> RC #1 bus 0 */ > + for 1, 15, s2_mem_entry, 21, 0x70000000 > + for 0, 48, s2_mem_entry, 21, 0x72000000, 1 > + for 0, 64, s2_dev_entry, 21, 0x78000000, 1 /* PCIe MMIO32 */ > + > + /* level 3 */ > +2: for 0, 8, s2_l3_entry, 0x60000000 > + for 0, 8, s2_l3_entry, 0x60010000 /* hide device #1 */ > + for 0, 496, s2_l3_entry, 0x60010000, 1 > +3: for 0, 8, s2_l3_entry, 0x70000000 > + for 0, 8, s2_l3_entry, 0x70010000 /* hide device #1 */ > + for 0, 496, s2_l3_entry, 0x70010000, 1 > diff --git a/Platform/Socionext/DeveloperBox/stage2_tables.bin b/Platform/Socionext/DeveloperBox/stage2_tables.bin > new file mode 100644 > index 000000000000..48369f00c022 > Binary files /dev/null and b/Platform/Socionext/DeveloperBox/stage2_tables.bin differ > -- > 2.11.0 > _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
diff --git a/Platform/Socionext/DeveloperBox/README b/Platform/Socionext/DeveloperBox/README index 8f079011e153..5728bf0ef88a 100644 --- a/Platform/Socionext/DeveloperBox/README +++ b/Platform/Socionext/DeveloperBox/README @@ -6,3 +6,5 @@ fip_all_arm_tf.bin - prebuilt ARM Trusted Firmware RELEASE binary Repo: https://git.linaro.org/leg/noupstream/arm-trusted-firmware.git Commit: cd3de9253d90f5ab6eed046fb7bb9f4e9f87ae5a +stage2_tables.bin - prebuilt stage 2 translation tables +Built from stage2_tables.S in the same directory diff --git a/Platform/Socionext/DeveloperBox/stage2_tables.S b/Platform/Socionext/DeveloperBox/stage2_tables.S new file mode 100644 index 000000000000..44da21e7e467 --- /dev/null +++ b/Platform/Socionext/DeveloperBox/stage2_tables.S @@ -0,0 +1,95 @@ +/** @file + Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR> + + This program and the accompanying materials are licensed and made available + under the terms and conditions of the BSD License which accompanies this + distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +**/ + +/* + * This file contains the assembler code to instantiate a set of stage 2 + * translation tables that make the ECAM space of the Synopsys DesignWare + * PCIe root complexes appear sane to the OS. + * - ECAM 'shadows' caused by non TLP filtering root ports are eliminated + * - MMIO region are mapped with device attributes that supersede write combine + attributes that the OS may attempt to use, and which is not supported by + the SoC. + * + * Build using: + * + * gcc -o stage2_tables.elf stage2_tables.S \ + * -Wl,-e,0x81f8000 -Wl,--section-start=.rodata=0x81f8000 -nostdlib + * + * objcopy -O binary -j .rodata stage2_tables.elf stage2_tables.bin + */ + +#define TT_S2_CONT_SHIFT 52 +#define TT_S2_AF (0x1 << 10) +#define TT_S2_SH_NON_SHAREABLE (0x0 << 8) +#define TT_S2_AP_RW (0x3 << 6) +#define TT_S2_MEMATTR_DEVICE_nGRE (0x2 << 2) +#define TT_S2_MEMATTR_MEMORY_WB (0xf << 2) +#define TT_S2_TABLE (0x3 << 0) +#define TT_S2_L3_PAGE (0x1 << 1) +#define TT_S2_VALID (0x1 << 0) + + .altmacro + .macro for, start, count, do, arg2, arg3, arg4 + .if \count == 1 + \do \start, \arg2, \arg3, \arg4 + .elseif \count > 1 + for \start, %(\count / 2), \do, \arg2, \arg3, \arg4 + for %(\start + \count / 2), %((\count + 1) / 2), \do, \arg2, \arg3, \arg4 + .endif + .endm + + .macro s2_dev_entry, base, shift=30, offset=0, cont=0 + .quad ((\base << \shift) + \offset) | TT_S2_AF | TT_S2_AP_RW | \ + TT_S2_SH_NON_SHAREABLE | TT_S2_MEMATTR_DEVICE_nGRE | \ + TT_S2_VALID | (\cont << TT_S2_CONT_SHIFT) + .endm + + .macro s2_mem_entry, base, shift=30, offset=0, cont=0 + .quad ((\base << \shift) + \offset) | TT_S2_AF | TT_S2_AP_RW | \ + TT_S2_SH_NON_SHAREABLE | TT_S2_MEMATTR_MEMORY_WB | \ + TT_S2_VALID | (\cont << TT_S2_CONT_SHIFT) + .endm + + .macro s2_l3_entry, base, offset=0, cont=0 + .quad ((\base << 12) + \offset) | TT_S2_AF | TT_S2_AP_RW | \ + TT_S2_SH_NON_SHAREABLE | TT_S2_MEMATTR_MEMORY_WB | \ + TT_S2_L3_PAGE | TT_S2_VALID | (\cont << TT_S2_CONT_SHIFT) + .endm + + .section ".rodata", "a", %progbits + /* level 1 */ + s2_mem_entry 0 /* 0x0000_0000 - 0x3fff_ffff */ + .quad 1f + TT_S2_TABLE /* 0x4000_0000 - 0x7fff_ffff */ + for 2, 246, s2_mem_entry /* 0x8000_0000 - 0x3d_ffff_ffff */ + for 248, 8, s2_dev_entry /* PCIe MMIO64 */ + for 256, 768, s2_mem_entry /* 0x40_0000_0000 - 0xff_ffff_ffff */ + + /* level 2 */ +1: for 0, 256, s2_mem_entry, 21, 0x40000000, 1 + + .quad 2f + TT_S2_TABLE /* 0x6000_0000 -> RC #0 bus 0 */ + for 1, 15, s2_mem_entry, 21, 0x60000000 + for 0, 48, s2_mem_entry, 21, 0x62000000, 1 + for 0, 64, s2_dev_entry, 21, 0x68000000, 1 /* PCIe MMIO32 */ + + .quad 3f + TT_S2_TABLE /* 0x7000_0000 -> RC #1 bus 0 */ + for 1, 15, s2_mem_entry, 21, 0x70000000 + for 0, 48, s2_mem_entry, 21, 0x72000000, 1 + for 0, 64, s2_dev_entry, 21, 0x78000000, 1 /* PCIe MMIO32 */ + + /* level 3 */ +2: for 0, 8, s2_l3_entry, 0x60000000 + for 0, 8, s2_l3_entry, 0x60010000 /* hide device #1 */ + for 0, 496, s2_l3_entry, 0x60010000, 1 +3: for 0, 8, s2_l3_entry, 0x70000000 + for 0, 8, s2_l3_entry, 0x70010000 /* hide device #1 */ + for 0, 496, s2_l3_entry, 0x70010000, 1
Now that the secure firmware image BL31 has been moved back into secure memory where it belongs, we can no longer keep the stage2 translation tables in the same image, given that EL2 is non-secure. So instead, let's put those tables in the NOR flash, at the end of the ARM-TF region. This is difficult to integrate into the build sequence of either ARM-TF or UEFI, so let's just generate the binary and put it at the correct offset using the .fdf description of the platform. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> --- I am not sure where to put this and how to integrate this into the build, hence the RFC. Platform/Socionext/DeveloperBox/README | 2 + Platform/Socionext/DeveloperBox/stage2_tables.S | 95 ++++++++++++++++++++ Platform/Socionext/DeveloperBox/stage2_tables.bin | Bin 0 -> 20480 bytes 3 files changed, 97 insertions(+) diff --git a/Platform/Socionext/DeveloperBox/stage2_tables.bin b/Platform/Socionext/DeveloperBox/stage2_tables.bin new file mode 100644 index 000000000000..48369f00c022 Binary files /dev/null and b/Platform/Socionext/DeveloperBox/stage2_tables.bin differ -- 2.11.0 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel