No more map the reserved region with "no-map" property by marking the corresponding TLB entries with invalid entry (=0) to avoid speculative access.
This patch fixes an issue where predictive read access on secure DDR OP-TEE reserved area are caught by firewall.
Signed-off-by: Patrick Delaunay patrick.delaunay@foss.st.com ---
Changes in v2: - NEW: update in stm32mp specific MMU setup functions
arch/arm/mach-stm32mp/cpu.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c index 030066dc7c..2e0d709fed 100644 --- a/arch/arm/mach-stm32mp/cpu.c +++ b/arch/arm/mach-stm32mp/cpu.c @@ -12,6 +12,7 @@ #include <env.h> #include <init.h> #include <log.h> +#include <lmb.h> #include <misc.h> #include <net.h> #include <asm/io.h> @@ -220,6 +221,9 @@ void dram_bank_mmu_setup(int bank) int i; phys_addr_t start; phys_size_t size; + struct lmb lmb; + bool use_lmb = false; + enum dcache_option option;
if (IS_ENABLED(CONFIG_SPL_BUILD)) { start = ALIGN_DOWN(STM32_SYSRAM_BASE, MMU_SECTION_SIZE); @@ -228,6 +232,10 @@ void dram_bank_mmu_setup(int bank) /* bd->bi_dram is available only after relocation */ start = bd->bi_dram[bank].start; size = bd->bi_dram[bank].size; + if (IS_ENABLED(CONFIG_LMB)) { + use_lmb = true; + lmb_init_and_reserve(&lmb, bd, (void *)gd->fdt_blob); + } } else { /* mark cacheable and executable the beggining of the DDR */ start = STM32_DDR_BASE; @@ -236,8 +244,12 @@ void dram_bank_mmu_setup(int bank)
for (i = start >> MMU_SECTION_SHIFT; i < (start >> MMU_SECTION_SHIFT) + (size >> MMU_SECTION_SHIFT); - i++) - set_section_dcache(i, DCACHE_DEFAULT_OPTION); + i++) { + option = DCACHE_DEFAULT_OPTION; + if (use_lmb && lmb_is_reserved_flags(&lmb, i << MMU_SECTION_SHIFT, LMB_NOMAP)) + option = INVALID_ENTRY; + set_section_dcache(i, option); + } } /* * initialize the MMU and activate cache in SPL or in U-Boot pre-reloc stage