From patchwork Tue Oct 1 22:02:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AngeloGioacchino Del Regno X-Patchwork-Id: 11169867 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 445FB1599 for ; Tue, 1 Oct 2019 22:02:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 22DCE21A4A for ; Tue, 1 Oct 2019 22:02:19 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="U+1nwzMb" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728086AbfJAWCS (ORCPT ); Tue, 1 Oct 2019 18:02:18 -0400 Received: from mail-wr1-f68.google.com ([209.85.221.68]:34578 "EHLO mail-wr1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728572AbfJAWCS (ORCPT ); Tue, 1 Oct 2019 18:02:18 -0400 Received: by mail-wr1-f68.google.com with SMTP id a11so17307202wrx.1 for ; Tue, 01 Oct 2019 15:02:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hNjIRfETItHrHAwc5fX92U90M7+/WUq/4UckUIkwrKY=; b=U+1nwzMbMPc/wlXMV6DiSSz53/4/4mwteHm8yEycRl5mxcLwxtiJRo8Dcl6mYiPd1D V4AkUvBKbcnvgxht9/xzkC1cRDopvdZYfQnW8FXCSErthMJUMhMBBd7bsyq4fhTvfys6 HV4mzO9ps51gnhycq8L7iy5PhV1MHSHtCBOLlA25jMNyb8Y714VQNxoXbI/KLOLG+oAi XGXM5s0rLzn/Odgq+eTdoA9PSOXwcoVuN2LC94unk6i+k1/zHWGhu1zyQpz92AQhjvib jJ2h6YhVNRKtgm3Nz6bydQ3F2s6+BJ54ARw7MWtAC5MynMhr9C8RMq+cSK7rloWlow/Y CEqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hNjIRfETItHrHAwc5fX92U90M7+/WUq/4UckUIkwrKY=; b=GL/i7rNdYNGnLxMNx2um7KN1ZwRIXkY7fyhHz4HNuXUvCpYRXbHZjo4nr1eqnJ7QuE rJROAkDJlMd/gW/1o+CaqaiFqYlyRD5DRnbhgRH5+mSrnwAixKqnl2IxkRk5segG+jKc MJL7oVTuA3o6ebbJfVDKNjn/hbivc4fswa4g5DlsQuc7H4s7GSW7USIFkekfmulWN6N2 NYcAS5xs6M7R4aifFafeTm/cDXH5ZL0kCVaUXFCM3AoK4BvR7L8HDCikVE6EOJTaUoPr f0e80Vjp/Xxk48G6eavFfq+QYx/A9trIz+59tSaK5xCjNi0S6wcIQMh4pb8T3319kBlT ZjiQ== X-Gm-Message-State: APjAAAV2IkjwuQGbukO6NRo/S2WYjzG+it3nd90/lXiJa8UKJypNxPg9 wisHBuonS8SQK3Mu9rtJg80HMVn8tE9hJw== X-Google-Smtp-Source: APXvYqxJYqkrRsARbbE+u7tKld5m6pET9Cw3dddqIrJXkIp4h9SjQ2YmBeS1wqdmJkNWAKkeTVYR6A== X-Received: by 2002:adf:dc41:: with SMTP id m1mr1445wrj.46.1569967335495; Tue, 01 Oct 2019 15:02:15 -0700 (PDT) Received: from IcarusMOD.eternityproject.eu ([93.51.16.173]) by smtp.gmail.com with ESMTPSA id v16sm21811219wrt.12.2019.10.01.15.02.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 01 Oct 2019 15:02:15 -0700 (PDT) From: kholk11@gmail.com To: linux-arm-msm@vger.kernel.org Cc: kholk11@gmail.com, iommu@lists.linux-foundation.org, marijns95@gmail.com, agross@kernel.org, robdclark@gmail.com, joro@8bytes.org Subject: [PATCH v4 7/7] iommu/qcom: Add support for QCIOMMUv2 and QCIOMMU-500 secured contexts Date: Wed, 2 Oct 2019 00:02:05 +0200 Message-Id: <20191001220205.6423-8-kholk11@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20191001220205.6423-1-kholk11@gmail.com> References: <20191001220205.6423-1-kholk11@gmail.com> MIME-Version: 1.0 Sender: linux-arm-msm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-arm-msm@vger.kernel.org From: AngeloGioacchino Del Regno This IOMMU is yet another Qualcomm variant of known IOMMUs, found in Family-B SoCs, such as MSM8956, MSM8976, MSM8953, MSM8917 and others, and that firmware perfectly adheres to this driver logic. This time, though, the catch is that the secure contexts are also secured, meaning that these are programmed by the bootloader or TZ and their "interesting" registers are locked out, so the hypervisor disallows touching them from the non-secure world: in this case the OS is supposed to blindly trust the secure configuration of these contexts and just use them "as they are". For this reason, it is necessary to distinguish between the v1 and 500/v2 secure contexts in this driver in order to adhere to this specification. To do this, add a new DT compatible, named "qcom,msm-iommu-v2-sec" that will trigger the new behavior. For the sake of completeness, also add a "qcom,msm-iommu-v2-ns" so that the human eye gets pleased with it when reading the contexts in the final SoC DT. Of course, the latter is just cosmetic. Signed-off-by: AngeloGioacchino Del Regno --- .../devicetree/bindings/iommu/qcom,iommu.txt | 2 ++ drivers/iommu/qcom_iommu.c | 19 +++++++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/Documentation/devicetree/bindings/iommu/qcom,iommu.txt b/Documentation/devicetree/bindings/iommu/qcom,iommu.txt index 72ae0595efff..861c0cd9c512 100644 --- a/Documentation/devicetree/bindings/iommu/qcom,iommu.txt +++ b/Documentation/devicetree/bindings/iommu/qcom,iommu.txt @@ -36,6 +36,8 @@ to non-secure vs secure interrupt line. - compatible : Should be one of: - "qcom,msm-iommu-v1-ns" : non-secure context bank - "qcom,msm-iommu-v1-sec" : secure context bank + - "qcom,msm-iommu-v2-ns" : non-secure QSMMUv2/QSMMU500 context bank + - "qcom,msm-iommu-v2-sec" : secure QSMMUv2/QSMMU500 context bank - reg : Base address and size of context bank within the iommu - interrupts : The context fault irq. diff --git a/drivers/iommu/qcom_iommu.c b/drivers/iommu/qcom_iommu.c index 555cbc55b073..eaecb009849c 100644 --- a/drivers/iommu/qcom_iommu.c +++ b/drivers/iommu/qcom_iommu.c @@ -56,6 +56,7 @@ struct qcom_iommu_ctx { struct device *dev; void __iomem *base; bool secure_init; + bool secured_ctx; u8 asid; /* asid and ctx bank # are 1:1 */ struct iommu_domain *domain; }; @@ -303,6 +304,12 @@ static int qcom_iommu_init_domain(struct iommu_domain *domain, ctx->secure_init = true; } + /* Secured QSMMU-500/QSMMU-v2 contexts cannot be programmed */ + if (ctx->secured_ctx) { + ctx->domain = domain; + break; + } + qcom_iommu_reset_ctx(ctx); tcr[0] = pgtbl_cfg.arm_lpae_s1_cfg.tcr; @@ -788,10 +795,15 @@ static int qcom_iommu_ctx_probe(struct platform_device *pdev) if (irq < 0) return -ENODEV; + if (of_device_is_compatible(dev->of_node, "qcom,msm-iommu-v2-sec")) + ctx->secured_ctx = true; + /* clear IRQs before registering fault handler, just in case the * boot-loader left us a surprise: */ - iommu_writel(ctx, ARM_SMMU_CB_FSR, iommu_readl(ctx, ARM_SMMU_CB_FSR)); + if (!ctx->secured_ctx) + iommu_writel(ctx, ARM_SMMU_CB_FSR, + iommu_readl(ctx, ARM_SMMU_CB_FSR)); ret = devm_request_irq(dev, irq, qcom_iommu_fault, @@ -833,6 +845,8 @@ static int qcom_iommu_ctx_remove(struct platform_device *pdev) static const struct of_device_id ctx_of_match[] = { { .compatible = "qcom,msm-iommu-v1-ns" }, { .compatible = "qcom,msm-iommu-v1-sec" }, + { .compatible = "qcom,msm-iommu-v2-ns" }, + { .compatible = "qcom,msm-iommu-v2-sec" }, { /* sentinel */ } }; @@ -850,7 +864,8 @@ static bool qcom_iommu_has_secure_context(struct qcom_iommu_dev *qcom_iommu) struct device_node *child; for_each_child_of_node(qcom_iommu->dev->of_node, child) - if (of_device_is_compatible(child, "qcom,msm-iommu-v1-sec")) + if (of_device_is_compatible(child, "qcom,msm-iommu-v1-sec") || + of_device_is_compatible(child, "qcom,msm-iommu-v2-sec")) return true; return false;