[U-Boot] [RFC, PATCH] omap: Invalidate first page to avoid speculation
Hello u-boot list,
Here is a "request for comments" on the best way to solve a little "speculation" issue on recent OMAPs. Any guidance/feedback on the way to go would be greatly appreciated, please.
I am using u-boot on an OMAP5 HS device (with security, that is), and I am experiencing "security violations" due to speculative accesses done by the Cortex-A15 processor to the region near address zero. This region is a secure region, where non-secure accesses are forbidden and reported by the security firmware on an OMAP HS device. On an OMAP GP device, those accesses may very well exist, but are silently ignored by the firmware. Note that the speculative accesses are not actual functional accesses, so their being aborted does not harm the functionality of u-boot as it is. A quick (and dirty) solution is to mark the region near address zero as being invalid, which prevents the processor from doing speculative accesses there (see patch). This patch as it is has a number of issues: it impacts all ARM devices and it unmaps too large a region. I am not sure how to cleanly rework the patch so that it would be made OMAP-only cleanly. Also, unmapping a smaller region to better fit the hardware characteristics would require using second level descriptors, and I do not know if this is recommended. To make this worse, chips in the OMAP family have differences in their secure rom boundaries.
Does the u-boot community feels this issue needs to be addressed? What would be the best way to solve this?
Best regards,
V.
Signed-off-by: Vincent Stehlé v-stehle@ti.com --- arch/arm/lib/cache-cp15.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c index 939de10..57e1974 100644 --- a/arch/arm/lib/cache-cp15.c +++ b/arch/arm/lib/cache-cp15.c @@ -72,8 +72,13 @@ static inline void mmu_setup(void) u32 reg;
arm_init_before_mmu(); + + /* First page (starting at 0x0) is made invalid to avoid + * speculative accesses in secure rom. */ + page_table[0] = 0; + /* Set up an identity-mapping for all 4GB, rw for everyone */ - for (i = 0; i < 4096; i++) + for (i = 1; i < 4096; i++) page_table[i] = i << 20 | (3 << 10) | 0x12;
for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) {
Hi Vincent,
On Fri, 16 Nov 2012 14:36:29 +0100, Vincent Stehlé v-stehle@ti.com wrote:
Hello u-boot list,
Here is a "request for comments" on the best way to solve a little "speculation" issue on recent OMAPs. Any guidance/feedback on the way to go would be greatly appreciated, please.
I am using u-boot on an OMAP5 HS device (with security, that is), and I am experiencing "security violations" due to speculative accesses done by the Cortex-A15 processor to the region near address zero. This region is a secure region, where non-secure accesses are forbidden and reported by the security firmware on an OMAP HS device. On an OMAP GP device, those accesses may very well exist, but are silently ignored by the firmware. Note that the speculative accesses are not actual functional accesses, so their being aborted does not harm the functionality of u-boot as it is. A quick (and dirty) solution is to mark the region near address zero as being invalid, which prevents the processor from doing speculative accesses there (see patch). This patch as it is has a number of issues: it impacts all ARM devices and it unmaps too large a region. I am not sure how to cleanly rework the patch so that it would be made OMAP-only cleanly. Also, unmapping a smaller region to better fit the hardware characteristics would require using second level descriptors, and I do not know if this is recommended. To make this worse, chips in the OMAP family have differences in their secure rom boundaries.
Does the u-boot community feels this issue needs to be addressed? What would be the best way to solve this?
Best regards,
V.
Signed-off-by: Vincent Stehlé v-stehle@ti.com
arch/arm/lib/cache-cp15.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c index 939de10..57e1974 100644 --- a/arch/arm/lib/cache-cp15.c +++ b/arch/arm/lib/cache-cp15.c @@ -72,8 +72,13 @@ static inline void mmu_setup(void) u32 reg;
arm_init_before_mmu();
- /* First page (starting at 0x0) is made invalid to avoid
* speculative accesses in secure rom. */- page_table[0] = 0;
- /* Set up an identity-mapping for all 4GB, rw for everyone */
- for (i = 0; i < 4096; i++)
for (i = 1; i < 4096; i++) page_table[i] = i << 20 | (3 << 10) | 0x12;
for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) {
To make this affect only some CPUs or even boards, you can define and use a weak function which would handle filling the page-table; the weak, default, function would fill table[0] like others, while OMAP5 would have a strong version which would clear table[0].
Amicalement,
Albert Aribaud:
To make this affect only some CPUs or even boards, you can define and use a weak function which would handle filling the page-table; the weak, default, function would fill table[0] like others, while OMAP5 would have a strong version which would clear table[0].
Hi Albert,
Thank you very much for your comments.
Here is "v2" of the patch, reworked to follow your advice. Comments are welcome. I think it is now cleaner to split it in two patches:
[PATCH 1/2] ARM: cache: introduce weak arm_setup_identity_mapping [PATCH 2/2] ARM: OMAP5: redefine arm_setup_identity_mapping
I picked the 'arm_setup_identity_mapping' name more or less arbitrarily, please advise if not.
I verified this patch series on an OMAP5 HS device (with security) and on a GP device (without security), and both work for me.
Best regards,
V.
Separate the MMU identity mapping for ARM in a weak function, to allow redefinition with platform specific function.
This is motivated by the need to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com --- arch/arm/lib/cache-cp15.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c index 939de10..886fe5c 100644 --- a/arch/arm/lib/cache-cp15.c +++ b/arch/arm/lib/cache-cp15.c @@ -40,6 +40,17 @@ void __arm_init_before_mmu(void) void arm_init_before_mmu(void) __attribute__((weak, alias("__arm_init_before_mmu")));
+void __arm_setup_identity_mapping(u32 *page_table) +{ + int i; + + /* Set up an identity-mapping for all 4GB, rw for everyone */ + for (i = 0; i < 4096; i++) + page_table[i] = i << 20 | (3 << 10) | 0x12; +} +void arm_setup_identity_mapping(u32 *page_table) + __attribute__((weak, alias("__arm_setup_identity_mapping"))); + static void cp_delay (void) { volatile int i; @@ -72,9 +83,10 @@ static inline void mmu_setup(void) u32 reg;
arm_init_before_mmu(); - /* Set up an identity-mapping for all 4GB, rw for everyone */ - for (i = 0; i < 4096; i++) - page_table[i] = i << 20 | (3 << 10) | 0x12; + + /* Set up an identity-mapping. Default version maps all 4GB rw for + * everyone */ + arm_setup_identity_mapping(page_table);
for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) { dram_bank_mmu_setup(i);
On Mon, Nov 19, 2012 at 03:59:33PM +0100, Vincent Stehlé wrote:
Separate the MMU identity mapping for ARM in a weak function, to allow redefinition with platform specific function.
This is motivated by the need to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com
arch/arm/lib/cache-cp15.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c index 939de10..886fe5c 100644 --- a/arch/arm/lib/cache-cp15.c +++ b/arch/arm/lib/cache-cp15.c @@ -40,6 +40,17 @@ void __arm_init_before_mmu(void) void arm_init_before_mmu(void) __attribute__((weak, alias("__arm_init_before_mmu")));
+void __arm_setup_identity_mapping(u32 *page_table) +{
- int i;
- /* Set up an identity-mapping for all 4GB, rw for everyone */
- for (i = 0; i < 4096; i++)
page_table[i] = i << 20 | (3 << 10) | 0x12;+} +void arm_setup_identity_mapping(u32 *page_table)
- __attribute__((weak, alias("__arm_setup_identity_mapping")));
Please use __weak as found in <linux/compiler.h>, thanks.
We introduce an OMAP5 specific version of arm_setup_identity_mapping(), which makes the first page of the identity mapping invalid.
We want to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com --- arch/arm/cpu/armv7/omap5/Makefile | 1 + arch/arm/cpu/armv7/omap5/cache-cp15.c | 40 +++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 arch/arm/cpu/armv7/omap5/cache-cp15.c
diff --git a/arch/arm/cpu/armv7/omap5/Makefile b/arch/arm/cpu/armv7/omap5/Makefile index 9b261c4..49c454c 100644 --- a/arch/arm/cpu/armv7/omap5/Makefile +++ b/arch/arm/cpu/armv7/omap5/Makefile @@ -29,6 +29,7 @@ COBJS += hwinit.o COBJS += clocks.o COBJS += emif.o COBJS += sdram.o +COBJS += cache-cp15.o
SRCS := $(SOBJS:.o=.S) $(COBJS:.o=.c) OBJS := $(addprefix $(obj),$(COBJS) $(SOBJS)) diff --git a/arch/arm/cpu/armv7/omap5/cache-cp15.c b/arch/arm/cpu/armv7/omap5/cache-cp15.c new file mode 100644 index 0000000..506cc00 --- /dev/null +++ b/arch/arm/cpu/armv7/omap5/cache-cp15.c @@ -0,0 +1,40 @@ +/* + * (C) Copyright 2002 + * Wolfgang Denk, DENX Software Engineering, wd@denx.de. + * + * (C) Copyright 2012 + * Vincent Stehlé, Texas Instruments, v-stehle@ti.com. + * + * See file CREDITS for list of people who contributed to this + * project. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, + * MA 02111-1307 USA + */ + +#include <common.h> + +/* OMAP5 specific function to set up the identity mapping. */ +void arm_setup_identity_mapping(u32 *page_table) +{ + /* Perform default mapping, which sets up an identity-mapping for all + * 4GB, rw for everyone */ + __arm_setup_identity_mapping(); + + /* First page (starting at 0x0) is made invalid to avoid speculative + * accesses in secure rom. TODO: use second level descriptors for finer + * grained mapping. */ + page_table[0] = 0; +}
On Mon, Nov 19, 2012 at 03:59:34PM +0100, Vincent Stehlé wrote:
We introduce an OMAP5 specific version of arm_setup_identity_mapping(), which makes the first page of the identity mapping invalid.
We want to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com
[snip]
- /* Perform default mapping, which sets up an identity-mapping for all
* 4GB, rw for everyone */
/* * Multi-line comments must all be like this. */
Aside from that (and the comment to 1/2) I think we're good here, including the naming of the function. Thanks!
Tom Rini:
Aside from that (and the comment to 1/2) I think we're good here, including the naming of the function. Thanks!
Hi Tom,
Thank you very much for your review.
Here is v3 of the patch series with reworks for __weak and comments style:
[PATCH 1/2] ARM: cache: introduce weak arm_setup_identity_mapping [PATCH 2/2] ARM: OMAP5: redefine arm_setup_identity_mapping
This boots ok on OMAP5 HS device.
Best regards,
V.
Separate the MMU identity mapping for ARM in a weak function, to allow redefinition with platform specific function.
This is motivated by the need to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com --- arch/arm/lib/cache-cp15.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c index 939de10..0b87d93 100644 --- a/arch/arm/lib/cache-cp15.c +++ b/arch/arm/lib/cache-cp15.c @@ -23,6 +23,7 @@
#include <common.h> #include <asm/system.h> +#include <linux/compiler.h>
#if !(defined(CONFIG_SYS_ICACHE_OFF) && defined(CONFIG_SYS_DCACHE_OFF))
@@ -40,6 +41,17 @@ void __arm_init_before_mmu(void) void arm_init_before_mmu(void) __attribute__((weak, alias("__arm_init_before_mmu")));
+void __arm_setup_identity_mapping(u32 *page_table) +{ + int i; + + /* Set up an identity-mapping for all 4GB, rw for everyone */ + for (i = 0; i < 4096; i++) + page_table[i] = i << 20 | (3 << 10) | 0x12; +} +__weak void arm_setup_identity_mapping(u32 *page_table) + __attribute__((alias("__arm_setup_identity_mapping"))); + static void cp_delay (void) { volatile int i; @@ -72,9 +84,10 @@ static inline void mmu_setup(void) u32 reg;
arm_init_before_mmu(); - /* Set up an identity-mapping for all 4GB, rw for everyone */ - for (i = 0; i < 4096; i++) - page_table[i] = i << 20 | (3 << 10) | 0x12; + + /* Set up an identity-mapping. Default version maps all 4GB rw for + * everyone */ + arm_setup_identity_mapping(page_table);
for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) { dram_bank_mmu_setup(i);
We introduce an OMAP5 specific version of arm_setup_identity_mapping(), which makes the first page of the identity mapping invalid.
We want to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com --- arch/arm/cpu/armv7/omap5/Makefile | 1 + arch/arm/cpu/armv7/omap5/cache-cp15.c | 44 +++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 arch/arm/cpu/armv7/omap5/cache-cp15.c
diff --git a/arch/arm/cpu/armv7/omap5/Makefile b/arch/arm/cpu/armv7/omap5/Makefile index 9b261c4..49c454c 100644 --- a/arch/arm/cpu/armv7/omap5/Makefile +++ b/arch/arm/cpu/armv7/omap5/Makefile @@ -29,6 +29,7 @@ COBJS += hwinit.o COBJS += clocks.o COBJS += emif.o COBJS += sdram.o +COBJS += cache-cp15.o
SRCS := $(SOBJS:.o=.S) $(COBJS:.o=.c) OBJS := $(addprefix $(obj),$(COBJS) $(SOBJS)) diff --git a/arch/arm/cpu/armv7/omap5/cache-cp15.c b/arch/arm/cpu/armv7/omap5/cache-cp15.c new file mode 100644 index 0000000..afd339a --- /dev/null +++ b/arch/arm/cpu/armv7/omap5/cache-cp15.c @@ -0,0 +1,44 @@ +/* + * (C) Copyright 2002 + * Wolfgang Denk, DENX Software Engineering, wd@denx.de. + * + * (C) Copyright 2012 + * Vincent Stehlé, Texas Instruments, v-stehle@ti.com. + * + * See file CREDITS for list of people who contributed to this + * project. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, + * MA 02111-1307 USA + */ + +#include <common.h> + +/* OMAP5 specific function to set up the identity mapping. */ +void arm_setup_identity_mapping(u32 *page_table) +{ + /* + * Perform default mapping, which sets up an identity-mapping for all + * 4GB, rw for everyone. + */ + __arm_setup_identity_mapping(); + + /* + * First page (starting at 0x0) is made invalid to avoid speculative + * accesses in secure rom. + * TODO: use second level descriptors for finer grained mapping. + */ + page_table[0] = 0; +}
We introduce an OMAP5 specific version of arm_setup_identity_mapping(), which makes the first page of the identity mapping invalid.
We want to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com Cc: Tom Rini trini@ti.com --- Changes for v2: - Fix missing page_table argument - Add extern definition to fix compilation warning
arch/arm/cpu/armv7/omap5/Makefile | 1 + arch/arm/cpu/armv7/omap5/cache-cp15.c | 46 +++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 arch/arm/cpu/armv7/omap5/cache-cp15.c
diff --git a/arch/arm/cpu/armv7/omap5/Makefile b/arch/arm/cpu/armv7/omap5/Makefile index 9b261c4..49c454c 100644 --- a/arch/arm/cpu/armv7/omap5/Makefile +++ b/arch/arm/cpu/armv7/omap5/Makefile @@ -29,6 +29,7 @@ COBJS += hwinit.o COBJS += clocks.o COBJS += emif.o COBJS += sdram.o +COBJS += cache-cp15.o
SRCS := $(SOBJS:.o=.S) $(COBJS:.o=.c) OBJS := $(addprefix $(obj),$(COBJS) $(SOBJS)) diff --git a/arch/arm/cpu/armv7/omap5/cache-cp15.c b/arch/arm/cpu/armv7/omap5/cache-cp15.c new file mode 100644 index 0000000..6ff4548 --- /dev/null +++ b/arch/arm/cpu/armv7/omap5/cache-cp15.c @@ -0,0 +1,46 @@ +/* + * (C) Copyright 2002 + * Wolfgang Denk, DENX Software Engineering, wd@denx.de. + * + * (C) Copyright 2012 + * Vincent Stehlé, Texas Instruments, v-stehle@ti.com. + * + * See file CREDITS for list of people who contributed to this + * project. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, + * MA 02111-1307 USA + */ + +#include <common.h> + +/* OMAP5 specific function to set up the identity mapping. */ +void arm_setup_identity_mapping(u32 *page_table) +{ + extern void __arm_setup_identity_mapping(u32 *page_table); + + /* + * Perform default mapping, which sets up an identity-mapping for all + * 4GB, rw for everyone. + */ + __arm_setup_identity_mapping(page_table); + + /* + * First page (starting at 0x0) is made invalid to avoid speculative + * accesses in secure rom. + * TODO: use second level descriptors for finer grained mapping. + */ + page_table[0] = 0; +}
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/11/12 10:35, Vincent Stehlé wrote:
We introduce an OMAP5 specific version of arm_setup_identity_mapping(), which makes the first page of the identity mapping invalid.
We want to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com Cc: Tom Rini trini@ti.com --- Changes for v2: - Fix missing page_table argument - Add extern definition to fix compilation warning
arch/arm/cpu/armv7/omap5/Makefile | 1 + arch/arm/cpu/armv7/omap5/cache-cp15.c | 46 +++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 arch/arm/cpu/armv7/omap5/cache-cp15.c
diff --git a/arch/arm/cpu/armv7/omap5/Makefile b/arch/arm/cpu/armv7/omap5/Makefile index 9b261c4..49c454c 100644 --- a/arch/arm/cpu/armv7/omap5/Makefile +++ b/arch/arm/cpu/armv7/omap5/Makefile @@ -29,6 +29,7 @@ COBJS += hwinit.o COBJS += clocks.o COBJS += emif.o COBJS += sdram.o +COBJS += cache-cp15.o
SRCS := $(SOBJS:.o=.S) $(COBJS:.o=.c) OBJS := $(addprefix $(obj),$(COBJS) $(SOBJS)) diff --git a/arch/arm/cpu/armv7/omap5/cache-cp15.c b/arch/arm/cpu/armv7/omap5/cache-cp15.c new file mode 100644 index 0000000..6ff4548 --- /dev/null +++ b/arch/arm/cpu/armv7/omap5/cache-cp15.c @@ -0,0 +1,46 @@ +/* + * (C) Copyright 2002 + * Wolfgang Denk, DENX Software Engineering, wd@denx.de. + * + * (C) Copyright 2012 + * Vincent Stehlé, Texas Instruments, v-stehle@ti.com. + * + * See file CREDITS for list of people who contributed to this + * project. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, + * MA 02111-1307 USA + */ + +#include <common.h> + +/* OMAP5 specific function to set up the identity mapping. */ +void arm_setup_identity_mapping(u32 *page_table) +{ + extern void __arm_setup_identity_mapping(u32 *page_table);
Lets put the extern in arch/arm/include/asm/cache.h and make both files #include <asm/cache.h>. Thanks!
- -- Tom
Tom Rini:
Lets put the extern in arch/arm/include/asm/cache.h and make both files #include <asm/cache.h>.
Sure, here is an updated patches pair:
[PATCH v3 1/2] ARM: cache: introduce weak arm_setup_identity_mapping [PATCH v3 2/2] ARM: OMAP5: redefine arm_setup_identity_mapping
Thank you for your reviews.
Best regards,
V.
Separate the MMU identity mapping for ARM in a weak function, to allow redefinition with platform specific function.
This is motivated by the need to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com Cc: Tom Rini trini@ti.com --- Changes for v3: - Add definition of __arm_setup_identity_mapping() into asm/cache.h - Fix comments style
arch/arm/include/asm/cache.h | 1 + arch/arm/lib/cache-cp15.c | 22 +++++++++++++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/arch/arm/include/asm/cache.h b/arch/arm/include/asm/cache.h index eef6a5a..328377b 100644 --- a/arch/arm/include/asm/cache.h +++ b/arch/arm/include/asm/cache.h @@ -41,6 +41,7 @@ static inline void invalidate_l2_cache(void)
void l2_cache_enable(void); void l2_cache_disable(void); +void __arm_setup_identity_mapping(u32 *page_table);
/* * The current upper bound for ARM L1 data cache line sizes is 64 bytes. We diff --git a/arch/arm/lib/cache-cp15.c b/arch/arm/lib/cache-cp15.c index 939de10..f785ff5 100644 --- a/arch/arm/lib/cache-cp15.c +++ b/arch/arm/lib/cache-cp15.c @@ -23,6 +23,8 @@
#include <common.h> #include <asm/system.h> +#include <asm/cache.h> +#include <linux/compiler.h>
#if !(defined(CONFIG_SYS_ICACHE_OFF) && defined(CONFIG_SYS_DCACHE_OFF))
@@ -40,6 +42,17 @@ void __arm_init_before_mmu(void) void arm_init_before_mmu(void) __attribute__((weak, alias("__arm_init_before_mmu")));
+void __arm_setup_identity_mapping(u32 *page_table) +{ + int i; + + /* Set up an identity-mapping for all 4GB, rw for everyone */ + for (i = 0; i < 4096; i++) + page_table[i] = i << 20 | (3 << 10) | 0x12; +} +__weak void arm_setup_identity_mapping(u32 *page_table) + __attribute__((alias("__arm_setup_identity_mapping"))); + static void cp_delay (void) { volatile int i; @@ -72,9 +85,12 @@ static inline void mmu_setup(void) u32 reg;
arm_init_before_mmu(); - /* Set up an identity-mapping for all 4GB, rw for everyone */ - for (i = 0; i < 4096; i++) - page_table[i] = i << 20 | (3 << 10) | 0x12; + + /* + * Set up an identity-mapping. Default version maps all 4GB rw for + * everyone + */ + arm_setup_identity_mapping(page_table);
for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) { dram_bank_mmu_setup(i);
We introduce an OMAP5 specific version of arm_setup_identity_mapping(), which makes the first page of the identity mapping invalid.
We want to unmap the region near address zero on HS OMAP devices, to avoid speculative accesses. Accessing this region causes security violations, which we want to avoid.
Signed-off-by: Vincent Stehlé v-stehle@ti.com Cc: Tom Rini trini@ti.com --- Changes for v3: - Use definition of __arm_setup_identity_mapping() from asm/cache.h
Changes for v2: - Fix missing page_table argument - Add extern definition to fix compilation warning
arch/arm/cpu/armv7/omap5/Makefile | 1 + arch/arm/cpu/armv7/omap5/cache-cp15.c | 45 +++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 arch/arm/cpu/armv7/omap5/cache-cp15.c
diff --git a/arch/arm/cpu/armv7/omap5/Makefile b/arch/arm/cpu/armv7/omap5/Makefile index 9b261c4..49c454c 100644 --- a/arch/arm/cpu/armv7/omap5/Makefile +++ b/arch/arm/cpu/armv7/omap5/Makefile @@ -29,6 +29,7 @@ COBJS += hwinit.o COBJS += clocks.o COBJS += emif.o COBJS += sdram.o +COBJS += cache-cp15.o
SRCS := $(SOBJS:.o=.S) $(COBJS:.o=.c) OBJS := $(addprefix $(obj),$(COBJS) $(SOBJS)) diff --git a/arch/arm/cpu/armv7/omap5/cache-cp15.c b/arch/arm/cpu/armv7/omap5/cache-cp15.c new file mode 100644 index 0000000..8e4388c --- /dev/null +++ b/arch/arm/cpu/armv7/omap5/cache-cp15.c @@ -0,0 +1,45 @@ +/* + * (C) Copyright 2002 + * Wolfgang Denk, DENX Software Engineering, wd@denx.de. + * + * (C) Copyright 2012 + * Vincent Stehlé, Texas Instruments, v-stehle@ti.com. + * + * See file CREDITS for list of people who contributed to this + * project. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, + * MA 02111-1307 USA + */ + +#include <common.h> +#include <asm/cache.h> + +/* OMAP5 specific function to set up the identity mapping. */ +void arm_setup_identity_mapping(u32 *page_table) +{ + /* + * Perform default mapping, which sets up an identity-mapping for all + * 4GB, rw for everyone. + */ + __arm_setup_identity_mapping(page_table); + + /* + * First page (starting at 0x0) is made invalid to avoid speculative + * accesses in secure rom. + * TODO: use second level descriptors for finer grained mapping. + */ + page_table[0] = 0; +}
participants (3)
-
Albert ARIBAUD -
Tom Rini -
Vincent Stehlé