qemu_armv8 setup: secure data path support fails when pager is enabled

[etienne-lms]

This issue is applicable to OP-TEE 2.5.0. Actually, before 2.5.0, the OP-TEE core pager was not available on qemu_armv8 (and ARMv8 in a generic way). Hence this issue is not a regression.

The issue is that bootloader (ATF here) loads the 'page store' at the end of the secure RAM but OP-TEE core fails to access it because this area is not mapped to the OP-TEE core:

• Secure data path (SDP) support in 'optee_os' for the 'qemu_armv8' platform locates the (single physically contiguous) SDP memory area at the end of the QEMU secure memory.
• SDP memory is not mapped to the OPTEE core but only to TAs that are invoked with such SDP memory reference(s) as invocation parameters.

Hence, OP-TEE core inits will hang in init_runtime() if one builds optee_os with:
PLATFORM=vexpress-qemu_armv8a CFG_WITH_PAGER=y CFG_SECURE_DATA_PATH=y

[etienne-lms]

Proposed correction:

• ATF could load the 'page store' data in the secure RAM below the SDP memory.
  This is not clean as ATF does not know if OPTEE has SDP support or where exactly those SDP memories are.
• Alternatively, OP-TEE could be modified to allow init_runtime() to map/unmap the SDP memory areas (if required) only when needing to access page-store data during its inits.
  This change would allow bootloader to load the OP-TEE 'page store' in any secure RAM, being OPTEE RAM or SDP RAM.

[github-actions]

This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time.