On Mon, 18 May 2026 at 12:12, Anshul Dalal <[email protected]> wrote:
>
> On Mon May 18, 2026 at 1:34 PM IST, Ilias Apalodimas wrote:
> > Hi Anshul
> >
> > On Tue, 12 May 2026 at 14:03, Anshul Dalal <[email protected]> wrote:
> >>
> >> Currently the sequence to enable caches for the A53/A72 core on K3
> >> devices looks as follows:
> >>
> >> 1. Map entire DDR banks
> >> 2. Setup page tables and enable MMU (done by mmu_setup)
> >> 3. Unmap reserved-memory regions
> >> 4. Enable caches
> >>
> >> However there is a brief period of execution between #2 and #3 where the
> >> core can issue speculative accesses to the entire DDR space (including
> >> the reserved-memory regions) despite the caches being disabled.
> >
> > This is indeed a problem and the fix looks correct.
> > What worries me though is that the mmu is common across v8 boards. Is
> > there a way to generalize this instead of adding per board variants?
> >
>
> I think the issue here is that mmu_setup does two things, first it sets
> up the page tables and then it enables the MMU right after that.
>
> We could modify mmu_setup so that it only does the former as follows:
>
> --- a/arch/arm/cpu/armv8/cache_v8.c
> +++ b/arch/arm/cpu/armv8/cache_v8.c
> @@ -801,20 +801,20 @@ static void setup_all_pgtables(void)
> /* to activate the MMU we need to set up virtual memory */
> __weak void mmu_setup(void)
> {
> int el;
>
> + /* disable the mmu */
> + set_sctlr(get_sctlr() & ~CR_M);
> +
> /* Set up page tables only once */
> if (!gd->arch.tlb_fillptr)
> setup_all_pgtables();
>
> el = current_el();
> set_ttbr_tcr_mair(el, gd->arch.tlb_addr, get_tcr(NULL, NULL),
> MEMORY_ATTRIBUTES);
> -
> - /* enable the mmu */
> - set_sctlr(get_sctlr() | CR_M);
> }
>
> Then we can have an `mmu_enable` to explicitly enable the MMU:
>
> void mmu_enable(void) {
> /* enable the mmu */
> set_sctlr(get_sctlr() | CR_M);
> }
Ok that sounds reasonable. I greped for mmu_setup() and
dcache_enable(), but I can't estimate how intrusive this is going to
be to include all v8 boards.
Thanks
/Ilias
>
> Regards,
> Anshul
>
> >
> >>
> >> A firewall exception is triggered whenever such speculative access is
> >> made to secure DDR region of TFA or OP-TEE. This patch fixes the issue
> >> by re-ordering the sequence as follows:
> >>
> >> 1. Map entire DDR banks
> >> 2. Setup page tables
> >> 3. Unmap reserved-memory regions
> >> 4. Enable MMU
> >> 5. Enable caches
> >>
> >> Fixes: f1c694b8fdde ("mach-k3: map all banks using
> >> mem_map_from_dram_banks")
> >> Signed-off-by: Anshul Dalal <[email protected]>
> >> ---
>
> [snip]
