Add support for Rockchip rk3588 #7059
Conversation
There was a problem hiding this comment.
Hi @edtubbs, thanks for the patch. Please add you Signed-off-by: tag to the commit description, as well as:
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
|
Unrelated question, but do you have the registers for doing this on the rk3568 as well? It looks like some of them (the easy ones) can be pulled from the TRM, but there are others I'm curious about. Also, will you be adding the HUC stuff as well? That might come in handy if we need to program the RPMB of an eMMC. Thank you. |
| #define SGRF_BASE 0xfd58c000 | ||
| #define SGRF_SIZE SIZE_K(64) | ||
|
|
||
| #define FIREWALL_DDR_BASE 0xfe030000 |
There was a problem hiding this comment.
I see rk3588 has two firewalls: FIREWALL_DDR with base address 0xFE030000 and FIREWALL_SYSMEM with base address 0xFE038000 have you been able to find out the difference? I guess the FIREWALL_DDR hold MMU registers, and FIREWALL_SYSMEM holds SMMU registers, but I cannot confirm this.
|
|
||
| register_phys_mem_pgdir(MEM_AREA_IO_SEC, SGRF_BASE, SGRF_SIZE); | ||
|
|
||
| int platform_secure_ddr_region(int rgn, paddr_t st, size_t sz) |
There was a problem hiding this comment.
How have you been able to find out how to set MMU configuration for this SoC? I cannot find any exact MMU register mappings in SoC's TRM. Actually, this file seems like a platform_rk3399.c copy.
There was a problem hiding this comment.
Many different hardware blocks have their own MMUs. Most are the same type, but not always. These tend to be something different than the ARM SMMU type (these also exist, protecting PCIE and PHP blocks). They are documented in the TRMs in each block's respective chapter, although it is mostly in the register sections.
|
This pull request has been marked as a stale pull request because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this pull request will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time. |
|
Any chance of this getting merged? Is it awaiting responses to @DaniilKl's questions? |
Yes. I'd like to make sure the config is correct, and if the file is indeed the same as rk3399 then it should be renamed not duplicated. |
|
Thanks for the feedback! I referenced TF-A values in rk3588_def.h for The |
@edtubbs, if it does so, why you are using SGRF registers instead of FIREWALL_DDR to configure memory protection for OP-TEE OS in |
|
|
|
Here’s the debug log confirming |
What is the source of this information, could you reference it? I tried to verify this using RK3588 publicly available TRMs, but was unable to do that. The TRMs miss information for all
This is not a confirmation of the correct configuration of protection of the memory regions. Actually, does OP-TEE have any tests for confirming the correctness of the regions protection configuration a posteriori? |
|
U-Boot configures component access (SDMMC, eMMC, crypto_ns, FSPI) by master to DDR regions using The |
|
You can find the meaning of the FIREWALL_xxx blocks here: https://github.com/DualTachyon/rk3588-svd/tree/main/def/security/firewall |
Enables support for NanoPC-T6 Based on support for ROCK 4 Signed-off-by: Ed Tubbs <ectubbs@gmail.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
|
I've updated the patch to map and enable the DDR firewall, following the TF-A approach (reference). Verified protections by reading near region boundaries in U-Boot: |
Added support for the RK3588 to enable NanoPC-T6, based on the ROCK4 platform. NanoPC-T6 will also be added to the manifest and build repositories:
https://github.com/edtubbs/manifest/tree/nanopc-t6
https://github.com/edtubbs/build/tree/nanopc-t6