From: Shiju Jose shiju.jose@huawei.com
Add changes to run a secondary OP-TEE at S-EL1 for SPMC_AT_EL=2, where Hafnium is loaded at S-EL2.
Signed-off-by: Shiju Jose shiju.jose@huawei.com
Changes: V2 -> V3 1. Changes w.r.t the relocatable OP-TEE support. 2. Remove building of secondary OP-TEE as the primary OP-TEE binary use as the secondary OP-TEE as well.
V1 -> V2 1. Changed patch subject and patch description. 2. Fix for the comments from Jens Wiklander by adding separate build flags and build path for the secondary OP-TEE. --- qemu_v8/optee_sp_manifest.dts | 9 ++++ qemu_v8/secondary_optee_sp_manifest.dts | 55 +++++++++++++++++++++++++ qemu_v8/sp_layout.json | 4 ++ qemu_v8/spmc_el2_manifest.dts | 10 ++++- qemu_v8/tb_fw_config.dts | 4 ++ 5 files changed, 81 insertions(+), 1 deletion(-) create mode 100644 qemu_v8/secondary_optee_sp_manifest.dts
diff --git a/qemu_v8/optee_sp_manifest.dts b/qemu_v8/optee_sp_manifest.dts index e576295..7ffdea5 100644 --- a/qemu_v8/optee_sp_manifest.dts +++ b/qemu_v8/optee_sp_manifest.dts @@ -29,6 +29,9 @@ messaging-method = <0x3>; /* Direct messaging only */ ns-interrupts-action = <1>; /* NS_ACTION_ME */
+ /* mem-size OP-TEE specific binding. */ + mem-size = <0x700000>; + /* Boot protocol */ gp-register-num = <0x0>;
@@ -43,4 +46,10 @@ interrupts = <0x28 0xb01>; }; }; + + /* Boot Info */ + boot-info { + compatible = "arm,ffa-manifest-boot-info"; + ffa_manifest; + }; }; diff --git a/qemu_v8/secondary_optee_sp_manifest.dts b/qemu_v8/secondary_optee_sp_manifest.dts new file mode 100644 index 0000000..0d22da8 --- /dev/null +++ b/qemu_v8/secondary_optee_sp_manifest.dts @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2020, Arm Limited. All rights reserved. + * Copyright (c) 2022, Linaro Limited + * + * SPDX-License-Identifier: BSD-3-Clause + * + * This file is a Partition Manifest (PM) for a minimal Secure Partition (SP) + * that has additional optional properties defined. + * + */ + +/dts-v1/; + +/ { + compatible = "arm,ffa-manifest-1.0"; + + /* Properties */ + description = "sec-op-tee"; + ffa-version = <0x00010001>; /* 31:16 - Major, 15:0 - Minor */ + uuid = <0xe4b5f42f 0xed112faf 0x3351d7b9 0xe9cc99fc>; + id = <1>; + execution-ctx-count = <8>; + exception-level = <2>; /* S-EL1 */ + execution-state = <0>; /* AARCH64 */ + load-address = <0xea00000>; + entrypoint-offset = <0x4000>; + xlat-granule = <0>; /* 4KiB */ + boot-order = <0>; + messaging-method = <0x3>; /* Direct messaging only */ + ns-interrupts-action = <1>; /* NS_ACTION_ME */ + + /* mem-size OP-TEE specific binding. */ + mem-size = <0x600000>; + + /* Boot protocol */ + gp-register-num = <0x0>; + + device-regions { + compatible = "arm,ffa-manifest-device-regions"; + + uart1 { + base-address = <0x00000000 0x09040000>; + pages-count = <1>; + attributes = <0x3>; /* read-write */ + /* SPI, level-triggered, secure, priority=1 */ + interrupts = <0x28 0xb01>; + }; + }; + + /* Boot Info */ + boot-info { + compatible = "arm,ffa-manifest-boot-info"; + ffa_manifest; + }; +}; diff --git a/qemu_v8/sp_layout.json b/qemu_v8/sp_layout.json index c6a02a9..4054542 100644 --- a/qemu_v8/sp_layout.json +++ b/qemu_v8/sp_layout.json @@ -2,5 +2,9 @@ "op-tee" : { "image": "../../optee_os/out/arm/core/tee-pager_v2.bin", "pm": "optee_sp_manifest.dts" + }, + "sec-op-tee" : { + "image": "../../optee_os/out/arm/core/tee-pager_v2.bin", + "pm": "secondary_optee_sp_manifest.dts" } } diff --git a/qemu_v8/spmc_el2_manifest.dts b/qemu_v8/spmc_el2_manifest.dts index 7acaa38..5ad23dc 100644 --- a/qemu_v8/spmc_el2_manifest.dts +++ b/qemu_v8/spmc_el2_manifest.dts @@ -30,7 +30,15 @@ load_address = <0xe300000>; debug_name = "op-tee"; vcpu_count = <4>; - mem_size = <0xd00000>; + mem_size = <0x700000>; + }; + + vm2 { + is_ffa_partition; + load_address = <0xea00000>; + debug_name = "sec-op-tee"; + vcpu_count = <4>; + mem_size = <0x600000>; }; };
diff --git a/qemu_v8/tb_fw_config.dts b/qemu_v8/tb_fw_config.dts index 68f7b3b..ce3c26a 100644 --- a/qemu_v8/tb_fw_config.dts +++ b/qemu_v8/tb_fw_config.dts @@ -14,5 +14,9 @@ uuid = "486178e0-e7f8-11e3-bc5e-0002a5d5c51b"; load-address = <0xe300000>; }; + sec-op-tee { + uuid = "2ff4b5e4-af2f-11ed-b9d7-5133fc99cce9"; + load-address = <0xea00000>; + }; }; };
Hi,
On Mon, Jun 26, 2023 at 1:13 PM shiju.jose@huawei.com wrote:
From: Shiju Jose shiju.jose@huawei.com
Add changes to run a secondary OP-TEE at S-EL1 for SPMC_AT_EL=2, where Hafnium is loaded at S-EL2.
Signed-off-by: Shiju Jose shiju.jose@huawei.com
With https://github.com/OP-TEE/build/pull/663 I'm trying to upstream the Hafnium setup. Once that's merged please create a pull request against https://github.com/OP-TEE/build and we can continue reviewing this patch there.
Thanks, Jens
Changes: V2 -> V3
- Changes w.r.t the relocatable OP-TEE support.
- Remove building of secondary OP-TEE as the primary OP-TEE
binary use as the secondary OP-TEE as well.
V1 -> V2
- Changed patch subject and patch description.
- Fix for the comments from Jens Wiklander by adding separate build flags and build path for the secondary OP-TEE.
qemu_v8/optee_sp_manifest.dts | 9 ++++ qemu_v8/secondary_optee_sp_manifest.dts | 55 +++++++++++++++++++++++++ qemu_v8/sp_layout.json | 4 ++ qemu_v8/spmc_el2_manifest.dts | 10 ++++- qemu_v8/tb_fw_config.dts | 4 ++ 5 files changed, 81 insertions(+), 1 deletion(-) create mode 100644 qemu_v8/secondary_optee_sp_manifest.dts
diff --git a/qemu_v8/optee_sp_manifest.dts b/qemu_v8/optee_sp_manifest.dts index e576295..7ffdea5 100644 --- a/qemu_v8/optee_sp_manifest.dts +++ b/qemu_v8/optee_sp_manifest.dts @@ -29,6 +29,9 @@ messaging-method = <0x3>; /* Direct messaging only */ ns-interrupts-action = <1>; /* NS_ACTION_ME */
/* mem-size OP-TEE specific binding. */mem-size = <0x700000>;/* Boot protocol */ gp-register-num = <0x0>;@@ -43,4 +46,10 @@ interrupts = <0x28 0xb01>; }; };
/* Boot Info */boot-info {compatible = "arm,ffa-manifest-boot-info";ffa_manifest;};}; diff --git a/qemu_v8/secondary_optee_sp_manifest.dts b/qemu_v8/secondary_optee_sp_manifest.dts new file mode 100644 index 0000000..0d22da8 --- /dev/null +++ b/qemu_v8/secondary_optee_sp_manifest.dts @@ -0,0 +1,55 @@ +/*
- Copyright (c) 2020, Arm Limited. All rights reserved.
- Copyright (c) 2022, Linaro Limited
- SPDX-License-Identifier: BSD-3-Clause
- This file is a Partition Manifest (PM) for a minimal Secure Partition (SP)
- that has additional optional properties defined.
- */
+/dts-v1/;
+/ {
compatible = "arm,ffa-manifest-1.0";/* Properties */description = "sec-op-tee";ffa-version = <0x00010001>; /* 31:16 - Major, 15:0 - Minor */uuid = <0xe4b5f42f 0xed112faf 0x3351d7b9 0xe9cc99fc>;id = <1>;execution-ctx-count = <8>;exception-level = <2>; /* S-EL1 */execution-state = <0>; /* AARCH64 */load-address = <0xea00000>;entrypoint-offset = <0x4000>;xlat-granule = <0>; /* 4KiB */boot-order = <0>;messaging-method = <0x3>; /* Direct messaging only */ns-interrupts-action = <1>; /* NS_ACTION_ME *//* mem-size OP-TEE specific binding. */mem-size = <0x600000>;/* Boot protocol */gp-register-num = <0x0>;device-regions {compatible = "arm,ffa-manifest-device-regions";uart1 {base-address = <0x00000000 0x09040000>;pages-count = <1>;attributes = <0x3>; /* read-write *//* SPI, level-triggered, secure, priority=1 */interrupts = <0x28 0xb01>;};};/* Boot Info */boot-info {compatible = "arm,ffa-manifest-boot-info";ffa_manifest;};+}; diff --git a/qemu_v8/sp_layout.json b/qemu_v8/sp_layout.json index c6a02a9..4054542 100644 --- a/qemu_v8/sp_layout.json +++ b/qemu_v8/sp_layout.json @@ -2,5 +2,9 @@ "op-tee" : { "image": "../../optee_os/out/arm/core/tee-pager_v2.bin", "pm": "optee_sp_manifest.dts"
},"sec-op-tee" : {"image": "../../optee_os/out/arm/core/tee-pager_v2.bin","pm": "secondary_optee_sp_manifest.dts" }} diff --git a/qemu_v8/spmc_el2_manifest.dts b/qemu_v8/spmc_el2_manifest.dts index 7acaa38..5ad23dc 100644 --- a/qemu_v8/spmc_el2_manifest.dts +++ b/qemu_v8/spmc_el2_manifest.dts @@ -30,7 +30,15 @@ load_address = <0xe300000>; debug_name = "op-tee"; vcpu_count = <4>;
mem_size = <0xd00000>;
mem_size = <0x700000>;};vm2 {is_ffa_partition;load_address = <0xea00000>;debug_name = "sec-op-tee";vcpu_count = <4>;mem_size = <0x600000>; }; };diff --git a/qemu_v8/tb_fw_config.dts b/qemu_v8/tb_fw_config.dts index 68f7b3b..ce3c26a 100644 --- a/qemu_v8/tb_fw_config.dts +++ b/qemu_v8/tb_fw_config.dts @@ -14,5 +14,9 @@ uuid = "486178e0-e7f8-11e3-bc5e-0002a5d5c51b"; load-address = <0xe300000>; };
sec-op-tee {uuid = "2ff4b5e4-af2f-11ed-b9d7-5133fc99cce9";load-address = <0xea00000>;}; };};
2.25.1
Hi Jens,
-----Original Message----- From: Jens Wiklander jens.wiklander@linaro.org Sent: 11 July 2023 10:02 To: Shiju Jose shiju.jose@huawei.com Cc: linaro-open-discussions@op-lists.linaro.org; Olivier.Deprez@arm.com; Linuxarm linuxarm@huawei.com; Jonathan Cameron jonathan.cameron@huawei.com; Zengtao (B) prime.zeng@hisilicon.com; zhouguangwei (C) zhouguangwei5@huawei.com Subject: Re: [PATCH V3 1/1] qemu_v8: add support to run secondary OP-TEE
Hi,
On Mon, Jun 26, 2023 at 1:13 PM shiju.jose@huawei.com wrote:
From: Shiju Jose shiju.jose@huawei.com
Add changes to run a secondary OP-TEE at S-EL1 for SPMC_AT_EL=2, where Hafnium is loaded at S-EL2.
Signed-off-by: Shiju Jose shiju.jose@huawei.com
With https://github.com/OP-TEE/build/pull/663 I'm trying to upstream the Hafnium setup. Once that's merged please create a pull request against https://github.com/OP-TEE/build and we can continue reviewing this patch there.
Sure.
Thanks, Shiju
Thanks, Jens
...
2.25.1
linaro-open-discussions@op-lists.linaro.org
-
Jens Wiklander -
Shiju Jose -
shiju.jose@huawei.com