github.com/transparency-dev/armored-witness-boot@v0.1.0/mem_bee.go (about)

     1  // Copyright 2022 The Armored Witness Boot authors. All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  //go:build bee
    16  // +build bee
    17  
    18  package main
    19  
    20  import (
    21  	"log"
    22  	_ "unsafe"
    23  
    24  	"github.com/usbarmory/tamago/arm"
    25  	"github.com/usbarmory/tamago/soc/nxp/bee"
    26  	"github.com/usbarmory/tamago/soc/nxp/imx6ul"
    27  )
    28  
    29  //go:linkname ramStart runtime.ramStart
    30  var ramStart uint32 = 0x90000000
    31  
    32  //go:linkname ramSize runtime.ramSize
    33  var ramSize uint32 = 0x08000000
    34  
    35  // DMA region for bootloader operation
    36  const (
    37  	dmaStart = 0x98000000
    38  	dmaSize  = 0x08000000
    39  )
    40  
    41  // DMA region for target kernel boot
    42  const (
    43  	// This memory layout enables AES CTR encryption for all external RAM
    44  	// through BEE, when used the target kernel must be compiled for the
    45  	// aliased memory region.
    46  	memoryStart = bee.AliasRegion0
    47  	memorySize  = 0x10000000
    48  )
    49  
    50  func init() {
    51  	if !imx6ul.Native {
    52  		log.Fatalf("could not activate BEE: unsupported under emulation")
    53  	}
    54  
    55  	if imx6ul.BEE == nil {
    56  		log.Fatalf("could not activate BEE: unsupported hardware")
    57  	}
    58  
    59  	// Encrypt 1GB of external RAM, this is the maximum extent either
    60  	// covered by the BEE or available on USB armory Mk II boards.
    61  	region0 := uint32(imx6ul.MMDC_BASE)
    62  	region1 := region0 + bee.AliasRegionSize
    63  
    64  	imx6ul.BEE.Init()
    65  	defer imx6ul.BEE.Lock()
    66  
    67  	if err := imx6ul.BEE.Enable(region0, region1); err != nil {
    68  		log.Fatalf("could not activate BEE: %v", err)
    69  	}
    70  
    71  	imx6ul.ARM.ConfigureMMU(
    72  		bee.AliasRegion0,
    73  		bee.AliasRegion1 + bee.AliasRegionSize,
    74  		0,
    75  		arm.TTE_CACHEABLE | arm.TTE_BUFFERABLE | arm.TTE_SECTION | arm.TTE_AP_001<<10,
    76  	)
    77  }