MTK啟動記憶體地址TEE,ATF啟動地址計算
在移植TEE OS到MTK的過程中,遇到一個ATF,TEE啟動地址
的運算問題,跟了下程式碼流程,把大概的過程記錄下。注意這裡說的是RAM地址,你
真的瞭解RAM地址嗎? 你認為Android system和data有ram地址分割槽嗎?
1. MTK總main入口
Main.c android_mtk_6755_mp\vendor\mediatek\proprietary\bootable\bootloader\preloader\platform\mt6755\src\core
static int bldr_load_images(u32 *jump_addr) {
#elif CFG_LOAD_UBOOT
addr = CFG_UBOOT_MEMADDR
ret = bldr_load_part_lk(bootdev, &addr, &size); //每個分割槽有些自定義需要處理的fun,非統一
print("LK addr: 0x%x, size: 0x%x\n", addr, size);
#if CFG_ATF_SUPPORT
addr = CFG_ATF_ROM_MEMADDR;
ret = bldr_load_tee_part("tee1", bootdev, &addr, 0, &size);
if (ret) {
addr = CFG_ATF_ROM_MEMADDR;
ret = bldr_load_tee_part("tee2", bootdev, &addr, 0, &size);
if (ret)
return ret;
}
print("%s bldr load tee part ret=0x%x, addr=0x%x\n", MOD, ret, addr);
#endif
2. int bldr_load_tee_part(char *name, blkdev_t *bdev, u32 *addr, u32 offset, u32 *size) {
Loader 了兩次, ATF + TEE === 》 TrustZone.bin 這個檔案是mtk使用指令碼編譯打包一次
#if CFG_TEE_SUPPORT
{
u32 tee_addr = 0;
u32 next_offset = sizeof(part_hdr_t) + *size;
ret = part_load(bdev, part, &tee_addr, next_offset, size);
3. u32 tee_get_load_addr(u32 maddr)
{
u32 ret_addr = 0;
u64 limit_addr = 0x100000000;
#if CFG_MICROTRUST_TEE_SUPPORT
limit_addr = 0xB0000000;
#endif
tee_secmem_start = (u32)mblock_reserve(&bootarg.mblock_info,
(u64)(tee_secmem_size + ATF_LOG_BUFFER_SIZE), (u64)TEE_MEM_ALIGNMENT,
limit_addr, RANKMAX); // 這個函式很關鍵,裡面仔細研讀下
#endif // !CFG_GOOGLE_TRUSTY_SUPPORT
* reserve a memory from mblock
* @mblock_info: address of mblock_info
* @reserved_size: size of memory
* @align: alignment
* @limit: address limit. Must higher than return address + reserved_size
* @rank: preferable rank, the returned address is in rank or lower ranks
* It returns as high rank and high address as possible. (consider rank first)
u64 mblock_reserve(mblock_info_t *mblock_info, u64 reserved_size, u64 align, u64 limit,
enum reserve_rank rank)
4. ROM Partion 非RAM地址,不是一個概念
device\mediatek\build\build\tools\ptgen\MT6737T\partition_table_MT6737T.xls
5. 列印Log
[PART] load speed: 31517KB/s, 419568 bytes, 13ms
[PART] Image with part header
[PART] name : atf
[PART] addr : FFFFFFFFh mode : 0
[PART] size : 64512
[PART] magic: 58881688h
0x43001000-0x240
[PART] load "tee1" from 0x0000000006000200 (dev) to 0x43000DC0 (mem) [SUCCESS] FC00
[PART] load speed: 21000KB/s, 64512 bytes, 3ms 0xA600000-0x2400 0xA5FFFDC0
GCPU Enhance,V1.0
[TZ_INIT] tee_verify_image : passed
[PART] Image with part header
[PART] name : tee
[PART] addr : A000240h mode : 0
[PART] size : 197632
[PART] magic: 58881688h
[tee_get_load_addr] maddr: 0xA000240, tee_extra_mem_size: 0x0, tee_secmem_size: 0x0,atf_log_buf_start: 0x0, tee_secmem_start: 0x0
[yong] mblock[0].start: 0x0000000040000000, sz: 0x0000000040000000, limit: 0x00000000B0000000, max_addr: 0x0000000000000000, max_rank: 1, target: -1, mblock[].rank: 0, reserved_addr: 0x0000000075FC0000,reserved_size: 0x000000000A040000
mblock_reserve dbg[0]: 0, 1, 1, 1, 1
[yong] mblock[1].start: 0x0000000080000000, sz: 0x0000000040000000, limit: 0x00000000B0000000, max_addr: 0x0000000080000000, max_rank: 1, target: 0, mblock[].rank: 1, reserved_addr: 0x00000000A5FC0000,reserved_size: 0x000000000A040000
mblock_reserve dbg[1]: 1, 1, 1, 1, 1
mblock[1]: 0000000080000000, 0000000025FC0000 from mblock
mblock[2]: 00000000B0000000, 0000000010000000 from mblock
mblock_reserve: 00000000A5FC0000 - 00000000B0000000 from mblock 1
mblock-debug[0].start: 0x0000000040000000, sz: 0x0000000040000000
mblock-debug[1].start: 0x0000000080000000, sz: 0x0000000025FC0000
mblock-debug[2].start: 0x00000000B0000000, sz: 0x0000000010000000
[tee_get_load_addr] mblock_num: 1107817144, mblock[0].start: 0x40000000, mblock[0].size: 0x0, mblock[1].start: 0x40000000, mblock[1].size: 0x0
[tee_get_load_addr] maddr: 0xA000240, tee_extra_mem_size: 0x240, tee_secmem_size: 0xA000000,atf_log_buf_start: 0xA5FC0000, tee_secmem_start: 0xA6000000
[PART] load "tee1" from 0x0000000006010000 (dev) to 0xA5FFFDC0 (mem) [SUCCESS]
[PART] load speed: 32166KB/s, 197632 bytes, 6ms
[TZ_INIT] tee_verify_image : passed
[TZ_INIT] TEE start entry : 0xA6000000
[BLDR] bldr load tee part ret=0x0, addr=0x43001000