TrustZone: reenable memory protection (fix #1060)
This commit is contained in:
parent
14a636f9a7
commit
3b69dc2a58
|
@ -20,10 +20,16 @@
|
||||||
namespace Trustzone
|
namespace Trustzone
|
||||||
{
|
{
|
||||||
enum {
|
enum {
|
||||||
VM_STATE_SIZE = 1 << 20,
|
/**
|
||||||
|
* Currently, we limit secure RAM to 256 MB only,
|
||||||
|
* because the memory protection feature of the M4IF
|
||||||
|
* on this platform allows to protect a max. region of
|
||||||
|
* 256MB per RAM bank only.
|
||||||
|
*/
|
||||||
SECURE_RAM_BASE = Genode::Board_base::RAM0_BASE,
|
SECURE_RAM_BASE = Genode::Board_base::RAM0_BASE,
|
||||||
SECURE_RAM_SIZE = Genode::Board_base::RAM0_SIZE - VM_STATE_SIZE,
|
SECURE_RAM_SIZE = 256 * 1024 * 1024,
|
||||||
VM_STATE_BASE = SECURE_RAM_BASE + SECURE_RAM_SIZE,
|
VM_STATE_BASE = SECURE_RAM_BASE + SECURE_RAM_SIZE,
|
||||||
|
VM_STATE_SIZE = 1 << 20,
|
||||||
NONSECURE_RAM_BASE = Genode::Board_base::RAM1_BASE,
|
NONSECURE_RAM_BASE = Genode::Board_base::RAM1_BASE,
|
||||||
NONSECURE_RAM_SIZE = Genode::Board_base::RAM1_SIZE,
|
NONSECURE_RAM_SIZE = Genode::Board_base::RAM1_SIZE,
|
||||||
};
|
};
|
||||||
|
|
|
@ -21,17 +21,32 @@ class M4if : Genode::Mmio
|
||||||
{
|
{
|
||||||
private:
|
private:
|
||||||
|
|
||||||
|
enum { SZ_256MB = 1024 * 1024 * 256 };
|
||||||
|
|
||||||
|
struct Protection_boundary_crossed {};
|
||||||
|
|
||||||
struct Wm_reg0_ddr0_start : public Register<0xec, 32>
|
struct Wm_reg0_ddr0_start : public Register<0xec, 32>
|
||||||
{
|
{
|
||||||
struct Addr : Bitfield<0,20> {};
|
struct Addr : Bitfield<0,20> {};
|
||||||
struct Enable : Bitfield<31,1> {};
|
struct Enable : Bitfield<31,1> {};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
struct Wm_reg0_ddr1_start : public Register<0xf0, 32>
|
||||||
|
{
|
||||||
|
struct Addr : Bitfield<0,20> {};
|
||||||
|
struct Enable : Bitfield<31,1> {};
|
||||||
|
};
|
||||||
|
|
||||||
struct Wm_reg0_ddr0_end : public Register<0x10c, 32>
|
struct Wm_reg0_ddr0_end : public Register<0x10c, 32>
|
||||||
{
|
{
|
||||||
struct Addr : Bitfield<0,20> {};
|
struct Addr : Bitfield<0,20> {};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
struct Wm_reg0_ddr1_end : public Register<0x110, 32>
|
||||||
|
{
|
||||||
|
struct Addr : Bitfield<0,20> {};
|
||||||
|
};
|
||||||
|
|
||||||
struct Wm_reg0_irq : public Register<0x114, 32>
|
struct Wm_reg0_irq : public Register<0x114, 32>
|
||||||
{
|
{
|
||||||
struct Status_ddr0 : Bitfield<6,1> {};
|
struct Status_ddr0 : Bitfield<6,1> {};
|
||||||
|
@ -40,12 +55,15 @@ class M4if : Genode::Mmio
|
||||||
|
|
||||||
struct Wm_reg0_addr : public Register<0x118, 32> {};
|
struct Wm_reg0_addr : public Register<0x118, 32> {};
|
||||||
|
|
||||||
|
|
||||||
public:
|
public:
|
||||||
|
|
||||||
M4if(Genode::addr_t const base) : Genode::Mmio(base) {}
|
M4if(Genode::addr_t const base) : Genode::Mmio(base) {}
|
||||||
|
|
||||||
void set_region(Genode::addr_t addr, Genode::size_t size)
|
void set_region0(Genode::addr_t addr, Genode::size_t size)
|
||||||
{
|
{
|
||||||
|
if (size > SZ_256MB) throw Protection_boundary_crossed();
|
||||||
|
|
||||||
write<Wm_reg0_ddr0_end::Addr>((addr+size-1) >> 12);
|
write<Wm_reg0_ddr0_end::Addr>((addr+size-1) >> 12);
|
||||||
write<Wm_reg0_ddr0_start>(
|
write<Wm_reg0_ddr0_start>(
|
||||||
Wm_reg0_ddr0_start::Addr::bits(addr >> 12) |
|
Wm_reg0_ddr0_start::Addr::bits(addr >> 12) |
|
||||||
|
@ -53,6 +71,17 @@ class M4if : Genode::Mmio
|
||||||
write<Wm_reg0_irq::Enable>(1);
|
write<Wm_reg0_irq::Enable>(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void set_region1(Genode::addr_t addr, Genode::size_t size)
|
||||||
|
{
|
||||||
|
if (size > SZ_256MB) throw Protection_boundary_crossed();
|
||||||
|
|
||||||
|
write<Wm_reg0_ddr1_end::Addr>((addr+size-1) >> 12);
|
||||||
|
write<Wm_reg0_ddr1_start>(
|
||||||
|
Wm_reg0_ddr1_start::Addr::bits(addr >> 12) |
|
||||||
|
Wm_reg0_ddr1_start::Enable::bits(1));
|
||||||
|
write<Wm_reg0_irq::Enable>(1);
|
||||||
|
}
|
||||||
|
|
||||||
void ack_irq() { write<Wm_reg0_irq::Status_ddr0>(1); }
|
void ack_irq() { write<Wm_reg0_irq::Status_ddr0>(1); }
|
||||||
|
|
||||||
Genode::addr_t violation_addr() { return read<Wm_reg0_addr>(); }
|
Genode::addr_t violation_addr() { return read<Wm_reg0_addr>(); }
|
||||||
|
|
|
@ -124,7 +124,7 @@ class Vmm::Vmm : public Thread<8192>
|
||||||
_m4if_io_mem(Board_base::M4IF_BASE, Board_base::M4IF_SIZE),
|
_m4if_io_mem(Board_base::M4IF_BASE, Board_base::M4IF_SIZE),
|
||||||
_m4if((addr_t)env()->rm_session()->attach(_m4if_io_mem.dataspace()))
|
_m4if((addr_t)env()->rm_session()->attach(_m4if_io_mem.dataspace()))
|
||||||
{
|
{
|
||||||
_m4if.set_region(Trustzone::SECURE_RAM_BASE,
|
_m4if.set_region0(Trustzone::SECURE_RAM_BASE,
|
||||||
Trustzone::SECURE_RAM_SIZE);
|
Trustzone::SECURE_RAM_SIZE);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue
Block a user