feat(ethos-n): add separate RO and RW NSAIDs To be able to further restrict the memory access for the Arm(R) Ethos(TM)-N NPU, separate read-only and read/write NSAIDs for the non-protected and protected memory have been added to the Juno platform's TZMP1 TZC configuration for the NPU. The platform definition has been updated accordingly and the NPU driver will now only give read/write access to the streams that require it. Signed-off-by: Mikael Olsson <mikael.olsson@arm.com> Change-Id: I5a173500fc1943a5cd406a3b379e1f1f554eeda6

commit: 80b61f5430781dc0be5a9dd49b6d572c4f2b26d8 [log] [tgz]
author: Mikael Olsson <mikael.olsson@arm.com> Tue Mar 14 18:29:06 2023 +0100
committer: Joanna Farley <joanna.farley@arm.com> Tue Apr 04 11:37:55 2023 +0200
tree: f1e5601ef5ec2529992aca422977bd05423a6011
parent: c7d3a27671da00d68a12b46771a09074cc733916 [diff]
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 5b88fcb..1a4b107 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst

@@ -582,10 +582,25 @@
   Defines the Non-secure Access IDentity (NSAID) that the NPU shall use to
   access the protected memory that contains the NPU's firmware.
 
-- **ARM_ETHOSN_NPU_PROT_DATA_NSAID**
+- **ARM_ETHOSN_NPU_PROT_DATA_RW_NSAID**
+
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read/write access to the protected memory that contains inference data.
+
+- **ARM_ETHOSN_NPU_PROT_DATA_RO_NSAID**
+
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read-only access to the protected memory that contains inference data.
+
+- **ARM_ETHOSN_NPU_NS_RW_DATA_NSAID**
+
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read/write access to the non-protected memory.
+
+- **ARM_ETHOSN_NPU_NS_RO_DATA_NSAID**
 
-  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use to
-  access the protected memory that contains inference data.
+  Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+  read-only access to the non-protected memory.
 
 - **ARM_ETHOSN_NPU_FW_IMAGE_BASE** and **ARM_ETHOSN_NPU_FW_IMAGE_LIMIT**
 

diff --git a/drivers/arm/ethosn/ethosn_smc.c b/drivers/arm/ethosn/ethosn_smc.c
index 6558566..85a12c5 100644
--- a/drivers/arm/ethosn/ethosn_smc.c
+++ b/drivers/arm/ethosn/ethosn_smc.c

@@ -94,11 +94,12 @@
 #define SEC_NPU_ID_REG			U(0xF000)
 #define SEC_NPU_ID_ARCH_VER_SHIFT	U(0X10)
 
-#define FIRMWARE_STREAM_INDEX           U(0x0)
+#define FIRMWARE_STREAM_INDEX		U(0x0)
+#define WORKING_STREAM_INDEX		U(0x1)
 #define PLE_STREAM_INDEX		U(0x4)
-#define INPUT_STREAM_INDEX              U(0x6)
-#define INTERMEDIATE_STREAM_INDEX       U(0x7)
-#define OUTPUT_STREAM_INDEX             U(0x8)
+#define INPUT_STREAM_INDEX		U(0x6)
+#define INTERMEDIATE_STREAM_INDEX	U(0x7)
+#define OUTPUT_STREAM_INDEX		U(0x8)
 
 #define TO_EXTEND_ADDR(addr) \
 	((addr >> SEC_ADDR_EXT_SHIFT) & SEC_ADDR_EXT_MASK)
@@ -154,16 +155,23 @@
 					  bool is_protected)
 {
 	size_t i;
-	uint32_t streams[9] = {0, 0, 0, 0, 0, 0, 0, 0, 0};
+	uint32_t streams[9] = {[0 ... 8] = ARM_ETHOSN_NPU_NS_RO_DATA_NSAID};
 
 	streams[FIRMWARE_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_FW_NSAID;
 	streams[PLE_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_FW_NSAID;
 
+	streams[WORKING_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+
 	if (is_protected) {
-		streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_DATA_NSAID;
+		streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_RO_DATA_NSAID;
+		streams[INTERMEDIATE_STREAM_INDEX] =
+			ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID;
+		streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID;
+	} else {
+		streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RO_DATA_NSAID;
 		streams[INTERMEDIATE_STREAM_INDEX] =
-			ARM_ETHOSN_NPU_PROT_DATA_NSAID;
-		streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_DATA_NSAID;
+			ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+		streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
 	}
 
 	for (i = 0U; i < ARRAY_SIZE(streams); ++i) {

diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h
index 5eaec69..47258cb 100644
--- a/plat/arm/board/juno/include/platform_def.h
+++ b/plat/arm/board/juno/include/platform_def.h

@@ -327,9 +327,14 @@
 
 /* Protected NSAIDs and memory regions for the Arm(R) Ethos(TM)-N NPU driver */
 #ifdef JUNO_ETHOSN_TZMP1
-#define ARM_ETHOSN_NPU_PROT_FW_NSAID	JUNO_ETHOSN_TZC400_NSAID_FW_PROT
-#define ARM_ETHOSN_NPU_PROT_DATA_NSAID	JUNO_ETHOSN_TZC400_NSAID_DATA_PROT
-#define ARM_ETHOSN_NPU_FW_IMAGE_BASE	JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE
+#define ARM_ETHOSN_NPU_PROT_FW_NSAID		JUNO_ETHOSN_TZC400_NSAID_FW_PROT
+#define ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID	JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT
+#define ARM_ETHOSN_NPU_PROT_RO_DATA_NSAID	JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT
+
+#define ARM_ETHOSN_NPU_NS_RW_DATA_NSAID		JUNO_ETHOSN_TZC400_NSAID_DATA_RW_NS
+#define ARM_ETHOSN_NPU_NS_RO_DATA_NSAID		JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS
+
+#define ARM_ETHOSN_NPU_FW_IMAGE_BASE		JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE
 #define ARM_ETHOSN_NPU_FW_IMAGE_LIMIT \
 	(JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE + JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE)
 #endif

diff --git a/plat/arm/board/juno/juno_ethosn_tzmp1_def.h b/plat/arm/board/juno/juno_ethosn_tzmp1_def.h
index 131adcd..c3e816a 100644
--- a/plat/arm/board/juno/juno_ethosn_tzmp1_def.h
+++ b/plat/arm/board/juno/juno_ethosn_tzmp1_def.h

@@ -7,8 +7,13 @@
 #ifndef JUNO_ETHOSN_TZMP1_DEF_H
 #define JUNO_ETHOSN_TZMP1_DEF_H
 
-#define JUNO_ETHOSN_TZC400_NSAID_FW_PROT        7
-#define JUNO_ETHOSN_TZC400_NSAID_DATA_PROT      8
+#define JUNO_ETHOSN_TZC400_NSAID_FW_PROT	7
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT	8
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT	13
+
+/* 0 is the default NSAID and is included in PLAT_ARM_TZC_NS_DEV_ACCESS */
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RW_NS	0
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS	14
 
 #define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE      UL(0x000400000) /* 4 MB */
 #define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE      (ARM_DRAM2_BASE)
@@ -32,13 +37,17 @@
 #define JUNO_FW_TZC_PROT_ACCESS	\
 	(TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_FW_PROT))
 #define JUNO_DATA_TZC_PROT_ACCESS \
-	(TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_DATA_PROT))
+	(TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT) | \
+	 TZC_REGION_ACCESS_RD(JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT))
+#define JUNO_DATA_TZC_NS_ACCESS \
+	(PLAT_ARM_TZC_NS_DEV_ACCESS | \
+	 TZC_REGION_ACCESS_RD(JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS))
 
 #define JUNO_ETHOSN_TZMP_REGIONS_DEF					  \
 	{ ARM_AP_TZC_DRAM1_BASE, ARM_EL3_TZC_DRAM1_END + ARM_L1_GPT_SIZE, \
 	  TZC_REGION_S_RDWR, 0 },					  \
 	{ ARM_NS_DRAM1_BASE, ARM_NS_DRAM1_END,				  \
-	  ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS },	  \
+	  ARM_TZC_NS_DRAM_S_ACCESS, JUNO_DATA_TZC_NS_ACCESS},		  \
 	{ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE,				  \
 	  JUNO_ETHOSN_FW_TZC_PROT_DRAM2_END,				  \
 	  TZC_REGION_S_RDWR, JUNO_FW_TZC_PROT_ACCESS },			  \
@@ -46,6 +55,6 @@
 	  JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END,				  \
 	  TZC_REGION_S_NONE, JUNO_DATA_TZC_PROT_ACCESS },		  \
 	{ JUNO_ETHOSN_NS_DRAM2_BASE, JUNO_ETHOSN_NS_DRAM2_END,		  \
-	  ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS }
+	  ARM_TZC_NS_DRAM_S_ACCESS, JUNO_DATA_TZC_NS_ACCESS}
 
 #endif /* JUNO_ETHOSN_TZMP1_DEF_H */
commit	80b61f5430781dc0be5a9dd49b6d572c4f2b26d8	[log] [tgz]
author	Mikael Olsson <mikael.olsson@arm.com>	Tue Mar 14 18:29:06 2023 +0100
committer	Joanna Farley <joanna.farley@arm.com>	Tue Apr 04 11:37:55 2023 +0200
tree	f1e5601ef5ec2529992aca422977bd05423a6011
parent	c7d3a27671da00d68a12b46771a09074cc733916 [diff]