Re: [edk2] TrustZone support for VE Cortex A15?

Subject: Re: [edk2] TrustZone support for VE Cortex A15?

From: Nicola Johnsen <nicolajohnsen@yahoo.co.uk>

To: "edk2-devel@lists.sourceforge.net" <edk2-devel@lists.sourceforge.net>

Date: 2012-10-26 21:53:12

As far as I understand, I can enable secure memory on the simulator by setting daughterboard.secure_memory=1. That way the model partitions SRAM and DRAM into secure and non-secure memory and marks Boot ROM as secure memory. With that configuration the VE memory map changes as described here http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0423m/CHDJFJHF.html and shown in Table 6.2. If I enable this option then I don't seem to be able to boot UEFI anymore. I have placed the UEFI binary RTSM_VE_CORTEX-A15_MPCORE_EFI.fd into the flash loader 0. But it doesn't boot and I don't get an error either. It just doesn't do anything. Is there anything else I need to do in order to boot with the secure_memory option set?

Thanks,
Nicola



From: Olivier Martin <olivier.martin@arm.com>
To: 'Nicola Johnsen' <nicolajohnsen@yahoo.co.uk>; ryan.harkin@linaro.org; edk2-devel@lists.sourceforge.net
Sent: Tuesday, 23 October 2012, 10:04
Subject: RE: [edk2] TrustZone support for VE Cortex A15?

As you have a workaround, I will investigate the Linux boot issue later. But
you are right it looks to be a problem in the Bds.
To answer your previous email, Cortex A15 has Security Extension and
Virtualization Extension. So you can switch from Secure to Non-Secure World
and use SMC (Secure Monitor Call) on the Fast Model A15.
You can say Fast Model A15 has Trustzone support but you should consider
Fast Model A15 has a Secure Platform (with Secure and Non-Secure Memory).
Your assumption is correct: "I guess the CPU on the board supports it, but
it's just missing the TZ memory controller pieces."

-----Original Message-----
From: Nicola Johnsen [mailto:nicolajohnsen@yahoo.co.uk]
Sent: 23 October 2012 08:32
To: Nicola Johnsen; Olivier Martin; ryan.harkin@linaro.org;
edk2-devel@lists.sourceforge.net; edk2-devel@lists.sourceforge.net
Subject: Re: [edk2] TrustZone support for VE Cortex A15?

To be more precise, I use
ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-RTSM-A15_MPCore.dsc to build the
UEFI boot loader. This is from the tianocore EDK2 SVN repository.


I run this on the Fast Model simulator, simulating a
examples/RTSM_VE/Build_Cortex-A15x2 board.

My DTB is compiled from http://www.linux-arm.org/git?p=arm-dts.git;a=summary

My kernel is from kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git

Thanks for your help.


Nicola


----- Original Message -----
From: Nicola Johnsen <nicolajohnsen@yahoo.co.uk>
To: Olivier Martin <olivier.martin@arm.com>; 'Ryan Harkin'
<ryan.harkin@linaro.org>; "edk2-devel@lists.sourceforge.net"
<edk2-devel@lists.sourceforge.net>
Cc:
Sent: Tuesday, 23 October 2012, 8:16
Subject: Re: [edk2] TrustZone support for VE Cortex A15?

Yes, I use RTSM VE A15x2.

I do not have real hardware, but I use the Fast Model simulator.

By now I have read in the specs of arm.com that the Cortex-A15 test chip
does not have TZ support. I was surprised, because the Cortex-A15 is v7 and
supports the virtualization extensions, so according to the ARMv7 reference
manual, it *must* also implement TZ. I guess the CPU on the board supports
it, but it's just missing the TZ memory controller pieces.




----- Original Message -----
From: Olivier Martin <olivier.martin@arm.com>
To: 'Ryan Harkin' <ryan.harkin@linaro.org>; Nicola Johnsen
<nicolajohnsen@yahoo.co.uk>; edk2-devel@lists.sourceforge.net
Cc:
Sent: Monday, 22 October 2012, 14:48
Subject: RE: [edk2] TrustZone support for VE Cortex A15?

Thanks Ryan, that's a good point! I was trying to reproduce the issue with
the kernel he sent me on RTSM VE A9x4 and I do not see the Linux
decompression statement.
In the last email Nicola sent me, it looks he is using RTSM VE A15x2.

-----Original Message-----
From: Ryan Harkin [mailto:ryan.harkin@linaro.org]
Sent: 22 October 2012 14:42
To: Nicola Johnsen; edk2-devel@lists.sourceforge.net
Cc: Olivier Martin
Subject: Re: [edk2] TrustZone support for VE Cortex A15?

Olivier,

Nicola is referring to the A15-TC1 BSP that's in my tree, not to the
RTSM version...

Nicola,

On 22 October 2012 10:58, Nicola Johnsen <nicolajohnsen@yahoo.co.uk> wrote:
> So just that I understand this correctly: if there is no TZ controller on
> the board, then secure memory is just emulated?

As far as I could tell when I did the BSP for TC1, there was no TZ
controller on that tile.  Same with the A5 tile.

If you're using TC1 hardware, you'll need some extra patches that I
haven't pushed yet.  I'm about to push a new version of my uefi-next
tree [1] today.  Withouth these small patches, the linux kernel is
very unstable.

Regards,
Ryan.

[1] http://git.linaro.org/gitweb?p=arm/uefi/uefi-next.git;a=summary

>
>
> ________________________________
> From: Olivier Martin <olivier.martin@arm.com>
> To: 'Nicola Johnsen' <nicolajohnsen@yahoo.co.uk>;
> edk2-devel@lists.sourceforge.net
> Sent: Monday, 22 October 2012, 10:43
> Subject: RE: [edk2] TrustZone support for VE Cortex A15?
>
> Hi again,
>
> New section about the Fast Model & Trustzone:
>
https://sourceforge.net/apps/mediawiki/tianocore/index.php?title=ArmPlatform
> Pkg/ArmVExpressPkg#Example:_Trustzone_on_the_Fast_Model
>
> Let me know if that answers your questions.
>
> Cheers,
> Olivier
>
> -----Original Message-----
> From: Nicola Johnsen [mailto:nicolajohnsen@yahoo.co.uk]
> Sent: 22 October 2012 10:18
> To: edk2-devel@lists.sourceforge.net
> Subject: [edk2] TrustZone support for VE Cortex A15?
>
> Hi, I was wondering how I can enable to boot into the Secure World on the
VE
> board with 2 Cortex-A15 CPUs?
>
> It seems as if
> ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibCTA15x2/CTA15x2Sec.c
> says that there is no support for TZ on that board, but as far as I
> understand, the Cortex-A15 has TZ support?
> Can anyone clarify how I can enable it?
>
>
> Cheers,
> Nicola
>
>
>
----------------------------------------------------------------------------
> --
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_sfd2d_oct
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/edk2-devel
>
>
>
>
>
>
>
>
----------------------------------------------------------------------------
--
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_sfd2d_oct
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/edk2-devel
>

----------------------------------------------------------------------------
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel