From d305ece47bf3e90b5008bf5932583ee2a772650b Mon Sep 17 00:00:00 2001
From: "Haoran.Wang" <elven.wang@nxp.com>
Date: Mon, 10 Sep 2018 11:03:26 +0800
Subject: MA-11015 Support Trusty OS on imx8qm/qxp

The Trusty OS binary will be installed into
container.img and loaded into  0x84000000.

Due Trusty OS addresss is in 0xfe000000 which
ROM cannot reach, so use ATF to copy it into
the target address.
Mapped the BL32 code into MMU due the Trusty
SPD need to check the code status and decide
the CPU executing mode.

To reserve and protect the memory for secure
world, modify the partition code to keep
BL32 spaces in secure_part.

Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
---
 plat/imx/imx8qm/imx8qm_bl31_setup.c     | 100 ++++++++++++++++++++++++++++++--
 plat/imx/imx8qm/include/platform_def.h  |  11 ++++
 plat/imx/imx8qxp/imx8qxp_bl31_setup.c   | 100 ++++++++++++++++++++++++++++++--
 plat/imx/imx8qxp/include/platform_def.h |  13 ++++-
 4 files changed, 211 insertions(+), 13 deletions(-)

diff --git a/plat/imx/imx8qm/imx8qm_bl31_setup.c b/plat/imx/imx8qm/imx8qm_bl31_setup.c
index c74d92b6..b6d8ed22 100644
--- a/plat/imx/imx8qm/imx8qm_bl31_setup.c
+++ b/plat/imx/imx8qm/imx8qm_bl31_setup.c
@@ -23,7 +23,9 @@
 #include <sec_rsrc.h>
 #include <imx8-pins.h>
 #include <iomux.h>
+#include <string.h>
 
+#define TRUSTY_PARAMS_LEN_BYTES      (4096*2)
 /* linker defined symbols */
 extern unsigned long __RO_START__;
 extern unsigned long __RO_END__;
@@ -169,8 +171,13 @@ void mx8_partition_resources(void)
 	sc_rm_pt_t secure_part, os_part;
 	sc_rm_mr_t mr, mr_record = 64;
 	bool owned, owned2;
-	sc_faddr_t start, end;
+	sc_faddr_t start, end, reg_end;
 	int i;
+#ifdef SPD_trusty
+	sc_rm_mr_t mr_tee = 64;
+	bool mr_tee_atf_same = false;
+	sc_faddr_t reg_start;
+#endif
 
 	err = sc_rm_get_partition(ipc_handle, &secure_part);
 
@@ -205,7 +212,13 @@ void mx8_partition_resources(void)
 
 				if (BL31_BASE >= start && (BL31_LIMIT - 1) <= end) {
 					mr_record = mr; /* Record the mr for ATF running */
-				} else {
+				}
+#ifdef SPD_trusty
+				else if (BL32_BASE >= start && (BL32_LIMIT -1) <= end) {
+					mr_tee = mr;
+				}
+#endif
+				else {
 					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
 					if (err)
 						ERROR("Memreg assign failed, 0x%lx -- 0x%lx, err %d\n", start, end, err);
@@ -214,21 +227,75 @@ void mx8_partition_resources(void)
 		}
 	}
 
+#ifdef SPD_trusty
+	if (mr_tee != 64) {
+		err = sc_rm_get_memreg_info(ipc_handle, mr_tee, &start, &end);
+		if (err) {
+			ERROR("Memreg get info failed, %u\n", mr_tee);
+		} else {
+			if ((BL32_LIMIT - 1) < end) {
+				err = sc_rm_memreg_alloc(ipc_handle, &mr, BL32_LIMIT , end);
+				if (err) {
+					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL32_LIMIT, end);
+				} else {
+					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
+					if (err)
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL32_LIMIT, end);
+				}
+			}
+
+			if (start < (BL32_BASE - 1)) {
+				err = sc_rm_memreg_alloc(ipc_handle, &mr, start, BL32_BASE - 1);
+				if (err) {
+					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", start, (sc_faddr_t)BL32_BASE - 1);
+				} else {
+					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
+					if (err)
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", start, (sc_faddr_t)BL32_BASE - 1);
+				}
+			}
+		}
+	}
+#endif
 	if (mr_record != 64) {
 		err = sc_rm_get_memreg_info(ipc_handle, mr_record, &start, &end);
+#ifdef SPD_trusty
+		if (BL32_BASE >= start && (BL32_LIMIT - 1) <= end)
+			mr_tee_atf_same = true;
+#endif
+		reg_end = end;
 		if (err) {
 			ERROR("Memreg get info failed, %u\n", mr_record);
 		} else {
 			if ((BL31_LIMIT - 1) < end) {
-				err = sc_rm_memreg_alloc(ipc_handle, &mr, BL31_LIMIT, end);
+#ifdef SPD_trusty
+				if ((end > BL32_BASE) && mr_tee_atf_same)
+					reg_end = BL32_BASE - 1;
+#endif
+				err = sc_rm_memreg_alloc(ipc_handle, &mr, BL31_LIMIT, reg_end);
 				if (err) {
-					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, end);
+					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, reg_end);
 				} else {
 					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
 					if (err)
-						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, end);
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, reg_end);
 				}
 			}
+#ifdef SPD_trusty
+			if (mr_tee_atf_same) {
+				if ((BL32_LIMIT - 1) < end) {
+					reg_start = BL32_LIMIT;
+					err = sc_rm_memreg_alloc(ipc_handle, &mr, reg_start, end);
+					if (err) {
+						ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", reg_start, reg_end);
+					} else {
+						err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
+					if (err)
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", reg_start, reg_end);
+					}
+				}
+			}
+#endif
 
 			if (start < (BL31_BASE - 1)) {
 				err = sc_rm_memreg_alloc(ipc_handle, &mr, start, BL31_BASE - 1);
@@ -339,6 +406,15 @@ void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
 	 */
 	bl33_image_ep_info.pc = PLAT_NS_IMAGE_OFFSET;
 	bl33_image_ep_info.spsr = get_spsr_for_bl33_entry();
+#ifdef SPD_trusty
+	SET_PARAM_HEAD(&bl32_image_ep_info, PARAM_EP, VERSION_1, 0);
+	SET_SECURITY_STATE(bl32_image_ep_info.h.attr, SECURE);
+	bl32_image_ep_info.pc = BL32_BASE;
+	bl32_image_ep_info.spsr = 0;
+	memcpy((void*)BL32_BASE,(void*) PLAT_TEE_IMAGE_OFFSET, BL32_SIZE);
+	bl32_image_ep_info.args.arg0 = BL32_SIZE;
+	bl32_image_ep_info.args.arg1 = BL32_BASE;
+#endif
 	SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
 
 	/* init the first cluster's cci slave interface */
@@ -349,7 +425,7 @@ void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
 void bl31_plat_arch_setup(void)
 {
 	/* add the mmap */
-	mmap_add_region(BL31_BASE, BL31_BASE, 0x10000,
+	mmap_add_region(BL31_BASE, BL31_BASE, 0x20000,
 			MT_MEMORY | MT_RW);
 	mmap_add_region(BL31_BASE, BL31_BASE, BL31_RO_LIMIT - BL31_RO_BASE,
 			MT_MEMORY | MT_RO);
@@ -366,6 +442,9 @@ void bl31_plat_arch_setup(void)
 	mmap_add_region(IMX_WUP_IRQSTR, IMX_WUP_IRQSTR, 0x10000,
 			MT_DEVICE | MT_RW);
 
+#ifdef SPD_trusty
+	mmap_add_region(BL32_BASE, BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW);
+#endif
 #if USE_COHERENT_MEM
 	mmap_add_region(BL31_COHERENT_RAM_BASE, BL31_COHERENT_RAM_BASE,
 		BL31_COHERENT_RAM_LIMIT - BL31_COHERENT_RAM_BASE,
@@ -403,3 +482,12 @@ void bl31_plat_runtime_setup(void)
 {
 	return;
 }
+
+#ifdef SPD_trusty
+void plat_trusty_set_boot_args(aapcs64_params_t *args)
+{
+	args->arg0 = BL32_SIZE;
+	args->arg1 = BL32_BASE;
+	args->arg2 = TRUSTY_PARAMS_LEN_BYTES;
+}
+#endif
diff --git a/plat/imx/imx8qm/include/platform_def.h b/plat/imx/imx8qm/include/platform_def.h
index 5d949ec1..c68cbd16 100644
--- a/plat/imx/imx8qm/include/platform_def.h
+++ b/plat/imx/imx8qm/include/platform_def.h
@@ -31,6 +31,13 @@
 #define BL31_BASE			0x80000000
 #define BL31_LIMIT			0x80020000
 
+#ifdef SPD_trusty
+#define BL32_BASE			0xfe000000
+#define BL32_SIZE			0x00200000
+#define BL32_LIMIT			0x100000000
+#define PLAT_TEE_IMAGE_OFFSET		0x84000000
+#endif
+
 /* non-secure uboot base */
 #define PLAT_NS_IMAGE_OFFSET		0x80020000
 
@@ -61,5 +68,9 @@
 #define COUNTER_FREQUENCY		8000000 /* 8MHz */
 
 #define DEBUG_CONSOLE			0
+#ifdef SPD_trusty
+#define DEBUG_CONSOLE_A53		1
+#else
 #define DEBUG_CONSOLE_A53		0
+#endif
 #define PLAT_IMX8QM			1
diff --git a/plat/imx/imx8qxp/imx8qxp_bl31_setup.c b/plat/imx/imx8qxp/imx8qxp_bl31_setup.c
index 85e67f4a..470f6254 100644
--- a/plat/imx/imx8qxp/imx8qxp_bl31_setup.c
+++ b/plat/imx/imx8qxp/imx8qxp_bl31_setup.c
@@ -23,6 +23,9 @@
 #include <sec_rsrc.h>
 #include <imx8-pins.h>
 #include <iomux.h>
+#include <string.h>
+
+#define TRUSTY_PARAMS_LEN_BYTES      (4096*2)
 
 /* linker defined symbols */
 #if USE_COHERENT_MEM
@@ -160,8 +163,13 @@ void imx8_partition_resources(void)
 	sc_rm_pt_t secure_part, os_part;
 	sc_rm_mr_t mr, mr_record = 64;
 	bool owned;
-	sc_faddr_t start, end;
+	sc_faddr_t start, end, reg_end;
 	int i;
+#ifdef SPD_trusty
+	sc_rm_mr_t mr_tee = 64;
+	bool mr_tee_atf_same = false;
+	sc_faddr_t reg_start;
+#endif
 
 	err = sc_rm_get_partition(ipc_handle, &secure_part);
 
@@ -196,7 +204,13 @@ void imx8_partition_resources(void)
 
 				if (BL31_BASE >= start && (BL31_LIMIT - 1) <= end) {
 					mr_record = mr; /* Record the mr for ATF running */
-				} else {
+				}
+#ifdef SPD_trusty
+				else if (BL32_BASE >= start && (BL32_LIMIT -1) <= end) {
+					mr_tee = mr;
+				}
+#endif
+				else {
 					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
 					if (err)
 						ERROR("Memreg assign failed, 0x%lx -- 0x%lx, err %d\n", start, end, err);
@@ -205,21 +219,75 @@ void imx8_partition_resources(void)
 		}
 	}
 
+#ifdef SPD_trusty
+	if (mr_tee != 64) {
+		err = sc_rm_get_memreg_info(ipc_handle, mr_tee, &start, &end);
+		if (err) {
+			ERROR("Memreg get info failed, %u\n", mr_tee);
+		} else {
+			if ((BL32_LIMIT - 1) < end) {
+				err = sc_rm_memreg_alloc(ipc_handle, &mr, BL32_LIMIT , end);
+				if (err) {
+					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL32_LIMIT, end);
+				} else {
+					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
+					if (err)
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL32_LIMIT, end);
+				}
+			}
+
+			if (start < (BL32_BASE - 1)) {
+				err = sc_rm_memreg_alloc(ipc_handle, &mr, start, BL32_BASE - 1);
+				if (err) {
+					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", start, (sc_faddr_t)BL32_BASE - 1);
+				} else {
+					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
+					if (err)
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", start, (sc_faddr_t)BL32_BASE - 1);
+				}
+			}
+		}
+	}
+#endif
 	if (mr_record != 64) {
 		err = sc_rm_get_memreg_info(ipc_handle, mr_record, &start, &end);
+#ifdef SPD_trusty
+		if (BL32_BASE >= start && (BL32_LIMIT - 1) <= end)
+			mr_tee_atf_same = true;
+#endif
+		reg_end = end;
 		if (err) {
 			ERROR("Memreg get info failed, %u\n", mr_record);
 		} else {
 			if ((BL31_LIMIT - 1) < end) {
-				err = sc_rm_memreg_alloc(ipc_handle, &mr, BL31_LIMIT, end);
+#ifdef SPD_trusty
+				if ((end > BL32_BASE) && mr_tee_atf_same)
+					reg_end = BL32_BASE - 1;
+#endif
+				err = sc_rm_memreg_alloc(ipc_handle, &mr, BL31_LIMIT, reg_end);
 				if (err) {
-					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, end);
+					ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, reg_end);
 				} else {
 					err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
 					if (err)
-						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, end);
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", (sc_faddr_t)BL31_LIMIT, reg_end);
 				}
 			}
+#ifdef SPD_trusty
+			if (mr_tee_atf_same) {
+				if ((BL32_LIMIT - 1) < end) {
+					reg_start = BL32_LIMIT;
+					err = sc_rm_memreg_alloc(ipc_handle, &mr, reg_start, end);
+					if (err) {
+						ERROR("sc_rm_memreg_alloc failed, 0x%lx -- 0x%lx\n", reg_start, reg_end);
+					} else {
+						err = sc_rm_assign_memreg(ipc_handle, os_part, mr);
+					if (err)
+						ERROR("Memreg assign failed, 0x%lx -- 0x%lx\n", reg_start, reg_end);
+					}
+				}
+			}
+#endif
 
 			if (start < (BL31_BASE - 1)) {
 				err = sc_rm_memreg_alloc(ipc_handle, &mr, start, BL31_BASE - 1);
@@ -316,6 +384,15 @@ void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
 	 */
 	bl33_image_ep_info.pc = PLAT_NS_IMAGE_OFFSET;
 	bl33_image_ep_info.spsr = get_spsr_for_bl33_entry();
+#ifdef SPD_trusty
+	SET_PARAM_HEAD(&bl32_image_ep_info, PARAM_EP, VERSION_1, 0);
+	SET_SECURITY_STATE(bl32_image_ep_info.h.attr, SECURE);
+	bl32_image_ep_info.pc = BL32_BASE;
+	bl32_image_ep_info.spsr = 0;
+	memcpy((void*)BL32_BASE,(void*) PLAT_TEE_IMAGE_OFFSET, BL32_SIZE);
+	bl32_image_ep_info.args.arg0 = BL32_SIZE;
+	bl32_image_ep_info.args.arg1 = BL32_BASE;
+#endif
 	SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
 }
 
@@ -326,7 +403,7 @@ void bl31_plat_arch_setup(void)
 	 * Change to 128KB?
 	 * Fix Me
 	 */
-	mmap_add_region(BL31_BASE, BL31_BASE, 0x10000,
+	mmap_add_region(BL31_BASE, BL31_BASE, 0x20000,
 			MT_MEMORY | MT_RW);
 	mmap_add_region(BL31_BASE, BL31_BASE, BL31_RO_LIMIT - BL31_RO_BASE,
 			MT_MEMORY | MT_RO);
@@ -342,6 +419,9 @@ void bl31_plat_arch_setup(void)
 //			MT_DEVICE | MT_RW);
 	mmap_add_region(IMX_WUP_IRQSTR, IMX_WUP_IRQSTR, 0x10000,
 			MT_DEVICE | MT_RW);
+#ifdef SPD_trusty
+	mmap_add_region(BL32_BASE, BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW);
+#endif
 
 #if USE_COHERENT_MEM
 	mmap_add_region(BL31_COHERENT_RAM_BASE, BL31_COHERENT_RAM_BASE,
@@ -387,3 +467,11 @@ void bl31_plat_runtime_setup(void)
 {
 	return;
 }
+#ifdef SPD_trusty
+void plat_trusty_set_boot_args(aapcs64_params_t *args)
+{
+	args->arg0 = BL32_SIZE;
+	args->arg1 = BL32_BASE;
+	args->arg2 = TRUSTY_PARAMS_LEN_BYTES;
+}
+#endif
diff --git a/plat/imx/imx8qxp/include/platform_def.h b/plat/imx/imx8qxp/include/platform_def.h
index b04f173f..ce31e0ab 100644
--- a/plat/imx/imx8qxp/include/platform_def.h
+++ b/plat/imx/imx8qxp/include/platform_def.h
@@ -28,6 +28,13 @@
 #define BL31_BASE			0x80000000
 #define BL31_LIMIT			0x80020000
 
+#ifdef SPD_trusty
+#define BL32_BASE			0xfe000000
+#define BL32_SIZE			0x00200000
+#define BL32_LIMIT			0x100000000
+#define PLAT_TEE_IMAGE_OFFSET		0x84000000
+#endif
+
 /* non-secure uboot base */
 #define PLAT_NS_IMAGE_OFFSET		0x80020000
 
@@ -40,7 +47,7 @@
 #define PLAT_PHY_ADDR_SPACE_SIZE	(1ull << 32)
 
 #define MAX_XLAT_TABLES			8
-#define MAX_MMAP_REGIONS		8
+#define MAX_MMAP_REGIONS		9
 
 #define IMX_WUP_IRQSTR			0x51090000
 #define IMX_BOOT_UART_BASE		0x5a060000
@@ -53,5 +60,9 @@
 #define COUNTER_FREQUENCY		8000000 /* 8MHz */
 
 #define DEBUG_CONSOLE			0
+#ifdef SPD_trusty
+#define DEBUG_CONSOLE_A35		1
+#else
 #define DEBUG_CONSOLE_A35		0
+#endif
 #define PLAT_IMX8QXP			1
-- 
cgit v1.2.3