diff mbox series

trusted-firmware-a: fix panic on kv260/zynqmp

Message ID 20240930133929.10654-1-mikko.rapeli@linaro.org
State New
Headers show
Series trusted-firmware-a: fix panic on kv260/zynqmp | expand

Commit Message

Mikko Rapeli Sept. 30, 2024, 1:39 p.m. UTC 
kv260 with optee and secure-boot panics without this fix:

https://ledge.validation.linaro.org/scheduler/job/93620

Xilinx Zynq MP First Stage Boot Loader

Release 2022.2   Oct  7 2022  -  04:56:16
MultiBootOffset: 0x40
Reset Mode	:	System Reset
Platform: Silicon (4.0), Running on A53-0 (64-bit) Processor, Device
Name: XCZUUNKNEG

QSPI 32 bit Boot Mode

FlashID=0x20 0xBB 0x20

PMU Firmware 2022.2	Oct  7 2022   04:56:16
PMU_ROM Version: xpbr-v8.1.0-0
�I/TC:
I/TC: OP-TEE version: 4.2.0-dev (gcc version 14.1.0 (GCC)) #1 Fri Apr 12
09:51:21 UTC 2024 aarch64
I/TC: WARNING: This OP-TEE configuration might be insecure!
I/TC: WARNING: Please check
https://optee.readthedocs.io/en/latest/architecture/porting_guidelines.html
I/TC: Primary CPU initializing
I/TC: Primary CPU switching to normal world boot
PANIC at PC : 0x00000000fffed94c

Fix proposed by MaheedharSai.Bollapalli@amd.com

Cc: MaheedharSai.Bollapalli@amd.com
Cc: michal.simek@amd.com
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
---
 ...-handle-secure-SGI-at-EL1-for-OP-TEE.patch | 33 +++++++++++++++++++
 .../trusted-firmware-a_2.10.4.bb              |  1 +
 .../trusted-firmware-a_2.11.0.bb              |  1 +
 3 files changed, 35 insertions(+)
 create mode 100644 meta-arm/recipes-bsp/trusted-firmware-a/files/0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch

Comments

Jon Mason Sept. 30, 2024, 4:24 p.m. UTC | #1 
On Mon, 30 Sep 2024 16:39:29 +0300, Mikko Rapeli wrote:
> kv260 with optee and secure-boot panics without this fix:
> 
> https://ledge.validation.linaro.org/scheduler/job/93620
> 
> Xilinx Zynq MP First Stage Boot Loader
> 
> Release 2022.2   Oct  7 2022  -  04:56:16
> MultiBootOffset: 0x40
> Reset Mode	:	System Reset
> Platform: Silicon (4.0), Running on A53-0 (64-bit) Processor, Device
> Name: XCZUUNKNEG
> 
> [...]

Applied, thanks!

[1/1] trusted-firmware-a: fix panic on kv260/zynqmp
      commit: 890cbb98411407714224584e6b15cb1e7450a387

Best regards,
diff mbox series

Patch

diff --git a/meta-arm/recipes-bsp/trusted-firmware-a/files/0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch b/meta-arm/recipes-bsp/trusted-firmware-a/files/0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch
new file mode 100644
index 00000000..3dcc2de8
--- /dev/null
+++ b/meta-arm/recipes-bsp/trusted-firmware-a/files/0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch
@@ -0,0 +1,33 @@ 
+From f5b2fa90e0c0324f31e72429e7a7382f49a25912 Mon Sep 17 00:00:00 2001
+From: Shen Jiamin <shen_jiamin@comp.nus.edu.sg>
+Date: Wed, 24 Jul 2024 18:58:55 +0800
+Subject: [PATCH] fix(zynqmp): handle secure SGI at EL1 for OP-TEE
+
+OP-TEE requires SGIs to be handled at S-EL1. The
+Makefile was not properly setting the flag
+GICV2_G0_FOR_EL3 to 0 when the SPD is OP-TEE.
+
+Change-Id: I256afa37ddf4ad4a154c43d51807de670c3689bb
+Signed-off-by: Shen Jiamin <shen_jiamin@comp.nus.edu.sg>
+---
+ plat/xilinx/zynqmp/platform.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Upstream-Status: Backport
+
+diff --git a/plat/xilinx/zynqmp/platform.mk b/plat/xilinx/zynqmp/platform.mk
+index c340009d0..22eceb621 100644
+--- a/plat/xilinx/zynqmp/platform.mk
++++ b/plat/xilinx/zynqmp/platform.mk
+@@ -21,7 +21,7 @@ ENABLE_LTO := 1
+ EL3_EXCEPTION_HANDLING := $(SDEI_SUPPORT)
+ 
+ # pncd SPD requires secure SGI to be handled at EL1
+-ifeq (${SPD}, $(filter ${SPD},pncd tspd))
++ifeq (${SPD}, $(filter ${SPD},pncd tspd opteed))
+ ifeq (${ZYNQMP_WDT_RESTART},1)
+ $(error "Error: ZYNQMP_WDT_RESTART and SPD=pncd are incompatible")
+ endif
+-- 
+2.34.1
+
diff --git a/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.4.bb b/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.4.bb
index f7da5082..8cdfda44 100644
--- a/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.4.bb
+++ b/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.4.bb
@@ -16,4 +16,5 @@  LIC_FILES_CHKSUM_MBEDTLS = "file://mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc
 # continue to boot also without TPM
 SRC_URI += "\
     file://0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch \
+    file://0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch \
 "
diff --git a/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.11.0.bb b/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.11.0.bb
index 27cdfc09..cb73b48d 100644
--- a/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.11.0.bb
+++ b/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.11.0.bb
@@ -16,4 +16,5 @@  LIC_FILES_CHKSUM_MBEDTLS = "file://mbedtls/LICENSE;md5=379d5819937a6c2f1ef1630d3
 # continue to boot also without TPM
 SRC_URI += "\
     file://0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch \
+    file://0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch \
 "