diff --git a/Makefile b/Makefile index c82c7a2..691725f 100644 --- a/Makefile +++ b/Makefile @@ -357,7 +357,7 @@ $(1) : $(2) @echo " PP $$<" - $$(Q)$$(AS) $$(ASFLAGS) -P -E -o $$@ $$< + $$(Q)$$(AS) $$(ASFLAGS) -P -E -D__LINKER__ -o $$@ $$< $(PREREQUISITES) : $(2) @echo " DEPS $$@" diff --git a/docs/firmware-design.md b/docs/firmware-design.md index 41aaf7f..be1f5f3 100644 --- a/docs/firmware-design.md +++ b/docs/firmware-design.md @@ -1212,14 +1212,19 @@ * BL2 is loaded below BL3-1. -* The TSP is loaded as the BL3-2 image at the base of either the Trusted - SRAM or Trusted DRAM. When loaded into Trusted SRAM, its NOBITS sections - are allowed to overlay BL2. +* BL3-2 can be loaded in one of the following locations: -This memory layout is designed to give the BL3-2 image as much memory as -possible when it is loaded into Trusted SRAM. Depending on the location of the -TSP, it will result in different memory maps, illustrated by the following -diagrams. + * Trusted SRAM + * Trusted DRAM + * Secure region of DRAM (top 16MB of DRAM configured by the TrustZone + controller) + +When BL3-2 is loaded into Trusted SRAM, its NOBITS sections are allowed to +overlay BL2. This memory layout is designed to give the BL3-2 image as much +memory as possible when it is loaded into Trusted SRAM. + +The location of the BL3-2 image will result in different memory maps. This is +illustrated in the following diagrams using the TSP as an example. **TSP in Trusted SRAM (default option):** @@ -1267,8 +1272,37 @@ | BL1 (ro) | 0x00000000 +----------+ -Loading the TSP image in Trusted DRAM doesn't change the memory layout of the -other boot loader images in Trusted SRAM. +**TSP in the TZC-Secured DRAM:** + + DRAM + 0xffffffff +----------+ + | BL3-2 | (secure) + 0xff000000 +----------+ + | | + : : (non-secure) + | | + 0x80000000 +----------+ + + Trusted SRAM + 0x04040000 +----------+ loaded by BL2 ------------------ + | BL1 (rw) | <<<<<<<<<<<<< | BL3-1 NOBITS | + |----------| <<<<<<<<<<<<< |----------------| + | | <<<<<<<<<<<<< | BL3-1 PROGBITS | + |----------| ------------------ + | BL2 | + |----------| + | | + 0x04001000 +----------+ + | Shared | + 0x04000000 +----------+ + + Trusted ROM + 0x04000000 +----------+ + | BL1 (ro) | + 0x00000000 +----------+ + +Moving the TSP image out of the Trusted SRAM doesn't change the memory layout +of the other boot loader images in Trusted SRAM. #### Memory layout on Juno ARM development platform diff --git a/docs/user-guide.md b/docs/user-guide.md index b33c4c0..f5a79e4 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -248,8 +248,9 @@ #### FVP specific build options * `FVP_TSP_RAM_LOCATION`: location of the TSP binary. Options: - - `tsram` (default) : Trusted SRAM + - `tsram` : Trusted SRAM (default option) - `tdram` : Trusted DRAM + - `dram` : Secure region in DRAM (configured by the TrustZone controller) For a better understanding of FVP options, the FVP memory map is explained in the [Firmware Design]. diff --git a/plat/fvp/fvp_def.h b/plat/fvp/fvp_def.h index be1dca0..d1d9adb 100644 --- a/plat/fvp/fvp_def.h +++ b/plat/fvp/fvp_def.h @@ -36,8 +36,29 @@ #define FVP_PRIMARY_CPU 0x0 /* Memory location options for TSP */ -#define FVP_IN_TRUSTED_SRAM 0 -#define FVP_IN_TRUSTED_DRAM 1 +#define FVP_TRUSTED_SRAM_ID 0 +#define FVP_TRUSTED_DRAM_ID 1 +#define FVP_DRAM_ID 2 + +/* + * Some of the definitions in this file use the 'ull' suffix in order to avoid + * subtle integer overflow errors due to implicit integer type promotion when + * working with 32-bit values. + * + * The TSP linker script includes some of these definitions to define the BL3-2 + * memory map, but the GNU LD does not support the 'ull' suffix, causing the + * build process to fail. To solve this problem, the auxiliary macro MAKE_ULL(x) + * will add the 'ull' suffix only when the macro __LINKER__ is not defined + * (__LINKER__ is defined in the command line to preprocess the linker script). + * Constants in the linker script will not have the 'ull' suffix, but this is + * not a problem since the linker evaluates all constant expressions to 64 bit + * (assuming the target architecture is 64 bit). + */ +#ifndef __LINKER__ + #define MAKE_ULL(x) x##ull +#else + #define MAKE_ULL(x) x +#endif /******************************************************************************* * FVP memory map related constants @@ -79,12 +100,12 @@ #define NSRAM_BASE 0x2e000000 #define NSRAM_SIZE 0x10000 -#define DRAM1_BASE 0x80000000ull -#define DRAM1_SIZE 0x80000000ull +#define DRAM1_BASE MAKE_ULL(0x80000000) +#define DRAM1_SIZE MAKE_ULL(0x80000000) #define DRAM1_END (DRAM1_BASE + DRAM1_SIZE - 1) /* Define the top 16 MB of DRAM1 as secure */ -#define DRAM1_SEC_SIZE 0x01000000ull +#define DRAM1_SEC_SIZE MAKE_ULL(0x01000000) #define DRAM1_SEC_BASE (DRAM1_BASE + DRAM1_SIZE - DRAM1_SEC_SIZE) #define DRAM1_SEC_END (DRAM1_SEC_BASE + DRAM1_SEC_SIZE - 1) @@ -95,8 +116,8 @@ #define DRAM_BASE DRAM1_BASE #define DRAM_SIZE DRAM1_SIZE -#define DRAM2_BASE 0x880000000ull -#define DRAM2_SIZE 0x780000000ull +#define DRAM2_BASE MAKE_ULL(0x880000000) +#define DRAM2_SIZE MAKE_ULL(0x780000000) #define DRAM2_END (DRAM2_BASE + DRAM2_SIZE - 1) #define PCIE_EXP_BASE 0x40000000 diff --git a/plat/fvp/include/platform_def.h b/plat/fvp/include/platform_def.h index 1455584..2925525 100644 --- a/plat/fvp/include/platform_def.h +++ b/plat/fvp/include/platform_def.h @@ -128,19 +128,25 @@ * BL32 specific defines. ******************************************************************************/ /* - * On FVP, the TSP can execute either from Trusted SRAM or Trusted DRAM. + * On FVP, the TSP can execute from Trusted SRAM, Trusted DRAM or the DRAM + * region secured by the TrustZone controller. */ -#if FVP_TSP_RAM_LOCATION_ID == FVP_IN_TRUSTED_SRAM +#if FVP_TSP_RAM_LOCATION_ID == FVP_TRUSTED_SRAM_ID # define TSP_SEC_MEM_BASE FVP_TRUSTED_SRAM_BASE # define TSP_SEC_MEM_SIZE FVP_TRUSTED_SRAM_SIZE # define TSP_PROGBITS_LIMIT BL2_BASE # define BL32_BASE FVP_TRUSTED_SRAM_BASE # define BL32_LIMIT BL31_BASE -#elif FVP_TSP_RAM_LOCATION_ID == FVP_IN_TRUSTED_DRAM +#elif FVP_TSP_RAM_LOCATION_ID == FVP_TRUSTED_DRAM_ID # define TSP_SEC_MEM_BASE FVP_TRUSTED_DRAM_BASE # define TSP_SEC_MEM_SIZE FVP_TRUSTED_DRAM_SIZE # define BL32_BASE FVP_TRUSTED_DRAM_BASE # define BL32_LIMIT (FVP_TRUSTED_DRAM_BASE + (1 << 21)) +#elif FVP_TSP_RAM_LOCATION_ID == FVP_DRAM_ID +# define TSP_SEC_MEM_BASE DRAM1_SEC_BASE +# define TSP_SEC_MEM_SIZE DRAM1_SEC_SIZE +# define BL32_BASE DRAM1_SEC_BASE +# define BL32_LIMIT (DRAM1_SEC_BASE + DRAM1_SEC_SIZE) #else # error "Unsupported FVP_TSP_RAM_LOCATION_ID value" #endif @@ -154,11 +160,21 @@ * Platform specific page table and MMU setup constants ******************************************************************************/ #define ADDR_SPACE_SIZE (1ull << 32) -#if IMAGE_BL2 -# define MAX_XLAT_TABLES 3 -#else + +#if IMAGE_BL1 # define MAX_XLAT_TABLES 2 +#elif IMAGE_BL2 +# define MAX_XLAT_TABLES 3 +#elif IMAGE_BL31 +# define MAX_XLAT_TABLES 2 +#elif IMAGE_BL32 +# if FVP_TSP_RAM_LOCATION_ID == FVP_DRAM_ID +# define MAX_XLAT_TABLES 3 +# else +# define MAX_XLAT_TABLES 2 +# endif #endif + #define MAX_MMAP_REGIONS 16 /******************************************************************************* diff --git a/plat/fvp/platform.mk b/plat/fvp/platform.mk index fdcee50..892e43c 100644 --- a/plat/fvp/platform.mk +++ b/plat/fvp/platform.mk @@ -32,9 +32,11 @@ # Trusted SRAM is the default. FVP_TSP_RAM_LOCATION := tsram ifeq (${FVP_TSP_RAM_LOCATION}, tsram) - FVP_TSP_RAM_LOCATION_ID := FVP_IN_TRUSTED_SRAM + FVP_TSP_RAM_LOCATION_ID := FVP_TRUSTED_SRAM_ID else ifeq (${FVP_TSP_RAM_LOCATION}, tdram) - FVP_TSP_RAM_LOCATION_ID := FVP_IN_TRUSTED_DRAM + FVP_TSP_RAM_LOCATION_ID := FVP_TRUSTED_DRAM_ID +else ifeq (${FVP_TSP_RAM_LOCATION}, dram) + FVP_TSP_RAM_LOCATION_ID := FVP_DRAM_ID else $(error "Unsupported FVP_TSP_RAM_LOCATION value") endif